Knowledge Base
Searching in : Trouble report
ID:TR10P08887
Added on: 2018-10-01
Last Update: 2018-10-11
Solved in version: 6.3.6
Platform: All Windows Platforms
Product: NoMachine Client
Severity: Minor
Status: Solved
Print this article

Possible arbitrary code execution on client's wintab32.dll preload

Due to the way the Qt libraries used by NoMachine client load the wintab32.dll dynamic library, a local Windows user could execute arbitrary code by DLL hijacking.

This issue regards the client part of all NoMachine installations on Windows (NoMachine free, NoMachine Enterprise Client, NoMachine Enteprise Desktop and NoMachine Cloud Server).

All Windows users are therefore kindly invited to update their NoMachine installations.
 

For NoMachine customers still using version 5: this problem is fixed in v. 5.3.27.

SOLVED, Released in version 6.3.6