Last Update: June 1, 2017
The installer of Tera Term 4.94 or earlier has vulnerability of DLL loading without intent.
When this vulnerability is used for bad ends, a malicious third person will execute any code on installer startup.
This vulnerability only affects on installer startup, so Tera Term already installed does not have the problem.
Newly, please use below method when Tera Term is installed.
The installer of Tera Term 4.94 or earlier.
The zip archive can not be affected.
Any DLL file may be loaded without intent on installer startup.
The DLL file that a malicious third person stores into the installer directory will be loaded,
and then any code will be executed.
Tera Term already installed does not have the problem because this vulnerability only affects on installer startup.
Please use the latest installer when installing or upgrading the Tera Term.
Please use below method to install an older version.
Thank you for Eiri Masami of Tachibana General Laboratories, IPA and JPCERT/CC relationship.
Email: ttssh2-nospam-security
lists.osdn.me