Unquoted Windows search path vulnerability in BitDefender 8 allows local users to prevent BitDefender from starting by creating a malicious C:\program.exe, possibly due to the lack of quoting of the full pathname when executing a process.
BitDefender 8 Professional Plus and Standard Edition contain a flaw that may allow a malicious user to bypass virus protection. The issue is triggered by a race condition caused by a specially crafted "C:\program.exe" file. At Windows startup the file is detected and an alert message is sent to the user, causing the Windows session to begin without starting BitDefender, resulting in a loss of availability of the anti-virus application.
Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround(s):
The vendor recommends putting all startup commands between double quotes.
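To apply this workaround an administrator first has to find the startup commands that are not quoted. The following is an added example, not code from the vendor or this advisory: it audits startup command lines for unquoted executable paths containing spaces, lists the shorter paths Windows would try first, and prints the quoted form. The entry names, paths and function names are constructed for illustration.

```python
import re

# Constructed sample startup entries (name -> command line); not real product paths.
SAMPLE_RUN_ENTRIES = {
    "ExampleAV": r"C:\Program Files\Example AV\avstart.exe /startup",
    "QuotedTool": r'"C:\Program Files\Tool Suite\tool.exe" -min',
    "NoSpaces": r"C:\Windows\system32\ctfmon.exe",
}

# Heuristic: the executable ends at the first ".exe" followed by whitespace or end of string.
EXE_RE = re.compile(r"^(.*?\.exe)(?=\s|$)", re.IGNORECASE)


def executable_path(command):
    """Return (path, quoted) for the executable part of a startup command."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return (command[1:end] if end != -1 else command[1:]), True
    match = EXE_RE.match(command)
    return (match.group(1) if match else command.split(" ")[0]), False


def ambiguous_candidates(path):
    """Paths Windows tries before the intended one when the path is unquoted:
    each prefix that ends at a space, with '.exe' appended."""
    return [path[:i] + ".exe" for i, ch in enumerate(path) if ch == " "]


def audit(entries):
    """Report entries whose executable path is unquoted and contains a space."""
    findings = []
    for name, command in entries.items():
        path, quoted = executable_path(command)
        if quoted or " " not in path:
            continue  # quoted, or no space: nothing ambiguous to resolve
        args = command.strip()[len(path):]
        findings.append({
            "name": name,
            "candidates": ambiguous_candidates(path),
            "fixed": f'"{path}"{args}',  # the workaround: quote the full pathname
        })
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_RUN_ENTRIES):
        print(finding["name"], "is unquoted; files that would run instead:")
        for candidate in finding["candidates"]:
            print("   ", candidate)
        print("  quoted form:", finding["fixed"])
```

On a real system the dictionary would be filled from the startup locations in use (for example Run registry values and service image paths); any file found at one of the listed candidate paths should be investigated.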