Skip to main content

How to Avoid High-Risk Vulnerabilities in Clash?

Vulnerability Introduction

Earlier this year, Clash for Windows was exposed to a remote code execution high-risk vulnerability again. The basic principle is that attackers lure victims into clicking a string disguised as a normal link (don't easily click on strange links!!). When the victim clicks on this link, it will automatically overwrite the configuration file of Clash for Windows, thus allowing attackers to execute arbitrary code through the parser function in the configuration file to gain system permissions of the victim.

Simply put, hackers can control your computer and gain all permissions on the computer through this loophole.

Solution

Immediately update your Clash For Windows client to avoid this vulnerability! Click on the string of numbers on the Clash title page, and then click the "Download" button.

Then patiently wait for the green progress bar to complete.

After downloading is complete, it will prompt whether to restart the APP, at this time of course choose Yes! After restarting, it's done, it is recommended to keep the Clash client updated regularly.

VPS Recommendation

Bandwagon Host suddenly went live with a large batch of VPS replenishment on 09.12. Don't miss the opportunity if you are passing by.

DC6 GIA and Japan SoftBank line limited edition (512MB memory, 10GB SSD, 500GB monthly traffic), $49.99/year (recommended)

DC9 CN2 GIA limited edition (1GB memory, 20GB SSD, 500GB monthly traffic), $79.99/year

DC6 GIA and Japan SoftBank line limited edition (1GB memory, 20GB SSD, 500GB monthly traffic), $89.99/year

Japan SoftBank line limited edition (512MB memory, 10GB SSD, 500GB monthly traffic), $69.99/year

Special model: FREE PLAN with free IP change within 14 days (2G memory, 40GB SSD, 2000GB monthly traffic), $89.99/year 👍🏻

If the above links are all out of stock, it means it's too hot.

You can also try another always in stock US GIA package (1G memory, 20GB SSD, 1000GB monthly traffic, 1G bandwidth), $49.9/year

The above can all use the cycle discount code: BWHNCXNVXV (6.81%)

DC9 test IP: 89.208.246.192

DC6 test IP: 162.244.241.102

SoftBank test IP: 185.212.59.222