Dear Wilders Users, I am a computer enthusiast and as such occasionally do some programming at home. Today however, while writing a new program (completely unrelated to security), I have accidently discovered a critical security vulnerability that affects possibly several security applications. I have tested this vulnerability against SSM 220.127.116.119 and it fails allowing the creation of autostart entries in HKLM\Run. The payload can be much worse however as SSM is totally bypassed... My question is what should I do? Should I compile the source code and publish a "leak test" or should I contact the software company(s) affected? I myself cant believe such a sophisticated HIPS can be bypassed completely. I believe many more security programs may be affected but this has not been confirmed. Just a warning of possible zero-day attacks on zero-day protection software. Oh, the irony!