Hi Alexandrud, Does WFC use HTTPS or FTP to download new versions ? And check the SHA2 when download completes ? It seems safer that way. I was exploited once while I had that WFC Update rule turned on. Once I re-imaged the machine and turned the rule off before I connected the ethernet cable, I wasn't exploited again. Not saying that that is the definite entry point of the attack, it may be co-incidental. But hey, it doesn't hurt if it does those things, and check the code. Sorry for not being able to beta test v6 in time, I just noticed that you released it.