Shifting the updater to use https in place of present plaintext http can be fantastic and simple first step. It is awesome reward if Additionally, it checks new exe's signature, but in initial area, it should not let any one on the way in which to intercept requests so effortlessly.*) make DLL hijacking attack not do the job: Winbox will not likely