Recommendations

Vendors can prevent this problem by monitoring the Creator IDs at the operating system layer and disallowing duplicates. Furthermore, a complete traversal of the list could take place upon each application launch and if duplicate Creator IDs are found, neither application is executed and user intervention would be required. While this opens a window for denial-of-service-style attacks, it closes an obvious Trojan horse attack which is potentially much more damaging.