Potential Vulnerability with simplehelp install

I am not sure if this is just our install or the default way the install is run.
Most common high risk vuln in the organization: Simplehelp EXE can be replaced by anyone.

Path : c:\programdata\jwrapper-remote access\jwappssharedconfig\restricted\simpleservice.exe

Used by services : Remote Access Service

File write allowed for groups : Everyone

Full control of directory allowed for groups : Everyone

First, why is this such an issue. With “everyone” listed with full control of the exe, and the exe is a service, ANYONE can replace the simplehelp exe with a file of their choosing and just rename it, running whatever they want(think malware, virus, etc) as a service automatically.
We talked to support and are told that the newest installer does not have this issue, it was fixed in 5.3.
They told us there is 2 options,

  1. stop the service, uninstall and reinstall on all machines
  2. run a script to remove “everyone” from permissions of the exe
    Unfortunately the command sent is not working, and it only is setting the permissions on the file, not the folder. This is what we found works for changing the whole folder:
    icacls “C:\ProgramData\JWrapper-Remote Access\JWAppsSharedConfig” /c /t /Remove:g Everyone""

Make sure to send in a support ticket. This is a user forum for community support and is not monitored by SimpleHelp Staff.


We did send in a ticket and talk to support, see the previous reply.
This is a security vulnerability that their updater does not fix and I found no mention of this in any documentation, so it is a community issue. Everyone with an install prior to 5.3 should be checking their permissions on the folder/file mentioned above and remediating themselves.

1 Like

Got it. Sorry somehow I missed the second part. :sleeping:

While the permissions issue was addressed for newer service installs in v5.3, we’ve made a change to v5.3.5 that will have the service modify the installation permissions of pre-existing services. Once services update, the permissions should be fixed automatically.

1 Like

The changes I mentioned yesterday are now live in SimpleHelp 5.3.5.