Too Long; Didn't Read
While browsing Twitter I’ve noticed <a href="https://electronjs.org/blog/protocol-handler-fix" target="_blank">ElectronJS remote code execution vulnerability</a> in protocol handler. That sounds severe. As stated in official description, for application to be vulnerable is enough to register itself as default handler for some protocol. I had one application based on Electron installed on my laptop that I was looking into some time ago — <a href="https://www.exodus.io/" target="_blank">Exodus</a> cryptocurrencies wallet. I knew that it registers itself as a handler for <em>exodus://</em> URI scheme.