o SignKorea release security updates to address a remote code execution vulnerability in SKCertService.
Remote code execution
o SKCertService contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.
□ Affected Products
2.3.0 ~ 2.5.5
o Update software over SKCertService 2.5.8 version
□ Reference site