Information from Japan Computer Emergency Response Team Coordination Center (JPCERT/CC)

■ Overview
LogonTracer contains multiple vulnerabilities.

1. An arbitrary OS command may be executed by a logged-in user
2. If specially crafted Windows event log is loaded, the contents of the database may be altered

These vulnerabilities have been fixed in LogonTracer v2.0.0. If you are using LogonTracer, please update to the latest version.

■ Affected Versions
LogonTracer prior to v2.0.0

■ Solution
Updated the software to latest version.

■ Fixed Version
LogonTracer v2.0.0 and later