Guardian for CWE-428 Valid HTML 4.01 Transitional Valid CSS Valid SVG 1.0

Me, myself & IT

Guardian for CWE-428


The batch script GUARDIAN.CMD creates empty files ‹filename›.EXE next to some or all subdirectories which contain a space in their name it finds in the root directory of Windows’ system drive %SystemDrive%, underneath the directories %SystemRoot%\, "%ProgramFiles%\" and (if it exists) "%ProgramFiles(x86)%\" as well as "%USERPROFILE%\" to let execution of these DLLs and applications due to the well-known weaknesses listed as CWE-426: Untrusted Search Path, CWE-427: Uncontrolled Search Path Element and CWE-428: Unquoted Search Path or Element in the CWE fail.


The batch script GUARDIAN.CMD is packaged in the (compressed and digitally signed) cabinet file GUARDIAN.CAB.

Authenticity and Integrity

GUARDIAN.CAB is digitally signed using an X.509 certificate issued by WEB.DE TrustCenter E-Mail Certification Authority.
Serial number of the certificate
Fingerprint of the certificate
MD5: e5 0b 01 66 ce 2e 7a 03 f4 98 39 37 f6 f9 9f ba
SHA-1: 79 05 5d 63 2f 03 31 83 04 e2 ff 3b 25 b9 cc b6 70 ad ec 31
Download and install the CA and root X.509 certificates of WEB.DE to validate and verify the digital signature.

Note: due to its counter signature alias timestamp the digital signature remains valid past the X.509 certificates expiration date!


The installation requires administrative privileges.

Automatic online installation

If visited with Internet Explorer, this web page will prompt to install (the contents of) the package using Internet Component Download.

Manual offline installation

Download the package GUARDIAN.CAB and verify its digital signature, then open it in Windows Explorer, extract its contents and call the extracted batch script GUARDIAN.CMD to run the installation.


Not provided.


If you miss anything here, have additions, comments, corrections, criticism or questions, want to give feedback, hints or tipps, report broken links, bugs, errors, inaccuracies, omissions, vulnerabilities or weaknesses, …:
don’t hesitate to contact me and feel free to ask, comment, criticise, flame, notify or report!

Use the X.509 certificate to send S/MIME encrypted mail.

Notes: I dislike HTML (and even weirder formats too) in email, I prefer to receive plain text.
I also expect to see a full (real) name as sender, not a nickname!
Emails in weird formats and without a proper sender name are likely to be discarded.
I abhor top posts and expect inline quotes in replies.

Terms and Conditions

By using this site, you signify your agreement to these terms and conditions. If you do not agree to these terms and conditions, do not use this site!
Copyright © 1995–2018 • Stefan Kanthak • <‍skanthak‍@‍nexgo‍.‍de‍>