Hi @ll, according to Microsoft's "Application Verifier" [°] should detect the well-known beginner's error : | Checking for Proper Use of CreateProcess | | Calls to the CreateProcess API function are subject to attack if | parameters are not specified correctly. AppVerifier generates an | error if CreateProcess (or other related API functions) are called | with a NULL lpApplicationName parameter and an lpCommandLine | parameter that contains spaces. For example, it does not allow the | following as the command line parameter: | | c:\program files\sample.exe -t -g c:\program files\sample\test | | Using this command line, an application can inadvertently execute | unwanted code if a malicious user installs his program to C:\Program. Unfortunately the MSDN article cited above tells a blatant lie: Application Verifier does NOT perform the check described there! The sad truth^Wreality is that Application Verifier also performs NO check for other way too common path handling errors, like and plus , well-known as "DLL hijacking" alias "DLL preloading" alias "binary planting" [']. See for an "Application Verifier Provider" which performs the missing checks. stay tuned Stefan Kanthak [°] introduced with Windows XP some 16 years ago, available via as stand-alone package then, later distributed with the "Debugging Tools for Windows", now included in the Windows SDK (see ) ['] see for the full story.