http://www.securityweek.com/critical-flaw-found-avg-mcafee-kaspersky-products (http://www.securityweek.com/critical-flaw-found-avg-mcafee-kaspersky-products)
“The company believes the issue is not limited to security solutions â€" it can affect any intrusive application, including performance monitoring and data leak prevention (DLP) solutions.â€
I don't think there is any vulnerability for Process Lasso here, but we do have on our short-term agenda adding more binary security measures, per this request: https://products.bitsum.com/forum/index.php/topic,5317.0.html
The only 'problem' is that Microsoft has me waiting until Jan 20 to switch to VS2015 due to a weird anomaly in the way my MSDN subscription was upgraded when it was renewed.
During this, we will be sure to do a full audit to make sure our code is as secure as it can be, as we periodically do.
Of course, this often comes at a price -- legacy compatibility. It's always a delicate balance.
We'll keep everyone updated, as always ;).
I just tried ensilo's security vulnerability checker listed in the article here: https://github.com/BreakingMalware/AVulnerabilityChecker
Apparently since I use Defender my system is not vulnerable to this type of attack. 8)