Posted by Stefan Kanthak on Oct 10

“Shawn McMahon” syberghost () gmail com wrote:

1. installation <> execution;
2. installation of a package does NOT require administrative rights in
general!

No!
The point is: well-known package formats allow you to inspect “things”,
EXE generally dont.
In more detail:

1. It’s not a vulnerability, but a weakness and (design) bug in the first
place: there is no need to EXEcute programs from (possibly)…