Skip to content

Security: KuatoDev/WINCross

Security

SECURITY.md

Security Policy

Supported Versions

The following versions of WINCross are currently receiving security updates:

Version Supported
1.0.x
< 1.0

Reporting a Vulnerability

If you discover a security vulnerability in WINCross, please follow these steps:

How to Report

  1. Submit through GitHub Security (Preferred Method)

  2. Alternative Method

    • Create a new issue with the "security" label
    • For sensitive vulnerabilities, please use the Security Advisory option instead

What to Include

  • Detailed description of the vulnerability
  • Affected component(s) of the application
  • Steps to reproduce with clear instructions
  • Potential impact and severity assessment
  • Environment details (Android version, device model, root method)
  • Screenshots or logs (if applicable)
  • Suggested fix (if available)

What to Expect

  1. Initial Response: We aim to acknowledge your report as fast as possible
  2. Verification Process: We will verify the vulnerability and assess its impact
  3. Resolution Timeline: Based on severity, we will provide an estimated fix timeline
  4. Status Updates: You will receive regular updates on our progress
  5. Fix Implementation: Critical issues will be prioritized for immediate patches
  6. Public Disclosure: Coordinated after a fix is available and deployed

Responsible Disclosure Guidelines

  • Please allow us reasonable time to investigate and address the vulnerability
  • Do not publicly disclose the issue until we have released a fix
  • Do not access, modify, or delete data belonging to other users
  • Do not exploit the vulnerability beyond what is necessary to verify its existence

Security Best Practices for Users

To keep your WINCross installation secure:

  • Always update to the latest version
  • Review permissions granted to the application
  • Be cautious when restoring partition backups
  • Use reliable root solutions (Magisk/KernelSU)
  • Report any suspicious behavior immediately

Acknowledgments

We appreciate security researchers who help improve WINCross's security. Contributors who report valid vulnerabilities will be acknowledged (with permission) in our release notes.

Thank you for helping keep WINCross and its users secure!

There aren't any published security advisories