Add URL scheme validation to prevent command injection via Process.Start

- HelpMenu.cs: Add https/http scheme validation to OpenUrl() to prevent
  custom URI scheme exploitation
- UpdateWindow.cs: Add scheme validation alongside existing IsFile/IsUnc/IsLoopback
  checks to only allow http/https URLs
- ProgramRoot.cs: Add https:// prefix validation for network-fetched downloadUrl
  before passing to Process.Start with UseShellExecute=true

Co-authored-by: Kvarkas <3611964+Kvarkas@users.noreply.github.com>

mRemoteNG/App/ProgramRoot.cs

@@ -64,7 +64,9 @@ namespace mRemoteNG.App
                     {
                         try
                         {
-                            Process.Start(new ProcessStartInfo(fileName: downloadUrl) { UseShellExecute = true });
+                            if (!string.IsNullOrEmpty(downloadUrl) &&
+                                downloadUrl.StartsWith("https://", StringComparison.OrdinalIgnoreCase))
+                                Process.Start(new ProcessStartInfo(fileName: downloadUrl) { UseShellExecute = true });
                         }
                         catch (Exception ex)
                         {

mRemoteNG/UI/Menu/msMain/HelpMenu.cs

@@ -204,6 +204,11 @@ namespace mRemoteNG.UI.Menu
         
         private static void OpenUrl(string url)
         {
+            if (string.IsNullOrWhiteSpace(url) ||
+                (!url.StartsWith("https://", StringComparison.OrdinalIgnoreCase) &&
+                 !url.StartsWith("http://", StringComparison.OrdinalIgnoreCase)))
+                return;
+
             var startInfo = new ProcessStartInfo
             {
                 FileName = url,

mRemoteNG/UI/Window/UpdateWindow.cs

@@ -99,6 +99,13 @@ namespace mRemoteNG.UI.Window
                 return;
             }
 
+            // Only allow http/https URLs to prevent exploitation via custom URI schemes
+            if (!linkUri.Scheme.Equals("https", StringComparison.OrdinalIgnoreCase) &&
+                !linkUri.Scheme.Equals("http", StringComparison.OrdinalIgnoreCase))
+            {
+                return;
+            }
+
             var startInfo = new ProcessStartInfo
             {
                 FileName = linkUri.ToString(),