From ade8e3f8cbfd1143fcd2e4bfbd6c387b8b64f732 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Tue, 3 Dec 2019 22:23:09 +0100
Subject: Windows: Fix possible local privilege escalation vulnerability during
 execution of VeraCrypt Expander (CVE-2019-19501)

---
 src/ExpandVolume/WinMain.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/ExpandVolume/WinMain.cpp')

diff --git a/src/ExpandVolume/WinMain.cpp b/src/ExpandVolume/WinMain.cpp
index 2710cc4e..ffeabe01 100644
--- a/src/ExpandVolume/WinMain.cpp
+++ b/src/ExpandVolume/WinMain.cpp
@@ -957,7 +957,7 @@ BOOL CALLBACK MainDialogProc (HWND hwndDlg, UINT uMsg, WPARAM wParam, LPARAM lPa
 		if (lw == IDM_HOMEPAGE )
 		{
 			ArrowWaitCursor ();
-			ShellExecute (NULL, L"open", L"https://www.veracrypt.fr", NULL, NULL, SW_SHOWNORMAL);
+			SafeOpenURL (L"https://www.veracrypt.fr");
 			Sleep (200);
 			NormalCursor ();
 
-- 
cgit v1.2.3