Potential security finding from LWL products from

Product: Strausphere UX\ProfileUnity FlexApp

Product Version: 5.x

Expires on: 365 days from publish date

Updated: May 13, 2014


Problem:  The remote Windows host has at least one service installed that uses
an unquoted service path.

Description :

The remote Windows host has at least one service installed that uses
an unquoted service path, which contains at least one whitespace. A
local attacker could gain elevated privileges by inserting an
executable file in the path of the affected service.
Note that this is a generic test that will flag any application
affected by the described vulnerability.

See also :





Possible Resolution:

Launch regedit (on the base image if composed for a pool)


Stop services:


Liquidware Labs Connector ID Serivce
Liquidware Labs Software Update Service
Liquidware Labs User Identification Service
Liquidware Labs Profile Service


Edit keys under:






Change value "ImagePath" on each key and add "" preceding and at the end of each Exe path.


The next release of the Connector ID software and ProfileUnity software will include these updates.


The attached zip file contains .reg files that can be used with a login script or ProfileUnity config reg applet.


The effected services will need to be restarted once the registry changes have been made.


Optionally, you can script the process using the following commands.


net stop tntgrd

net stop tntuidsvc

net stop tntupdsvc

net stop lwlprofile

reg delete HKLM\SYSTEM\CurrentControlSet\services\tntgrd /v ImagePath /f
reg delete HKLM\SYSTEM\CurrentControlSet\services\tntuidsvc /v ImagePath /f
reg delete HKLM\SYSTEM\CurrentControlSet\services\tntupdsvc /v ImagePath /f
reg delete HKLM\SYSTEM\CurrentControlSet\services\lwlprofile /v ImagePath /f

reg add HKLM\SYSTEM\CurrentControlSet\services\tntgrd /v ImagePath /t REG_EXPAND_SZ /d "\"C:\Program Files (x86)\Liquidware Labs\Connector ID\tntgrd.exe"\" /f

net start tntgrd
reg add HKLM\SYSTEM\CurrentControlSet\services\tntuidsvc /v ImagePath /t REG_EXPAND_SZ /d "\"C:\Program Files (x86)\Liquidware Labs\Connector ID\tntuidsvc.exe"\" /f

net start tntuidsvc
reg add HKLM\SYSTEM\CurrentControlSet\services\tntupdsvc /v ImagePath /t REG_EXPAND_SZ /d "\"C:\Program Files (x86)\Liquidware Labs\Connector ID\tntupdsvc"\" /f

net start tntupdsvc
reg add HKLM\SYSTEM\CurrentControlSet\services\lwlprofile /v ImagePath /t REG_EXPAND_SZ /d "\"C:\Program Files\ProfileUnity\Profile Service\ProfileService.exe"\"  /f

net start lwlprofile



cmd attached to this KB will stop services, check for OS bit level, change necessary reg keys, and restart services.



Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request


Article is closed for comments.