CWE-428 & BestPractice ActiveSetup Fix

When using ActiveSetup to a Path with Spaces PADT does not add Quotes like other Windows Preconfigured ActiveSetups

When quotes are not used on paths with spaces an attacker could run a different program in its place as discribed in CWE-428 (CWE - CWE-428: Unquoted Search Path or Element (4.8))

This vulnerability can be easily fixed by making the following changes in the Set-ActiveSetup Function

    ## Define Active Setup StubPath according to file extension of $StubExePath
		Switch ($StubExeExt) {
			'.exe' {
				[string]$CUStubExePath = "$StubExePath"
				[string]$CUArguments = $Arguments
                     ## ADDS QUOTES TO ALL PATHS
				[string]$StubPath = "`"$CUStubExePath`""
			}

It can also be added to the $CUStubExePath of the other Switches but since the paths to powershell.exe/cscript.exe/cmd.exe do not contain spaces it is not strictly necessary


			'.js' {
				[string]$CUStubExePath = "$envWinDir\system32\cscript.exe"
				[string]$CUArguments = "//nologo `"$StubExePath`""
				[string]$StubPath = "`"$CUStubExePath`" $CUArguments"
			}
			'.vbs' {
				[string]$CUStubExePath = "$envWinDir\system32\cscript.exe"
				[string]$CUArguments = "//nologo `"$StubExePath`""
				[string]$StubPath = "`"$CUStubExePath`" $CUArguments"
			}
			'.cmd' {
				[string]$CUStubExePath = "$envWinDir\system32\CMD.exe"
				[string]$CUArguments = "/C `"$StubExePath`""
				[string]$StubPath = "`"$CUStubExePath`" $CUArguments"
			}
			'.ps1' {
				[string]$CUStubExePath = "$PSHOME\powershell.exe"
				[string]$CUArguments = "-ExecutionPolicy Bypass -NoProfile -NoLogo -WindowStyle Hidden -Command `"& { & `\`"$StubExePath`\`"}`""
				[string]$StubPath = "`"$CUStubExePath`" $CUArguments"
			}

Alternatively a new detection/function should be added to add quotes only on paths with spaces and ommit them if no spaces are detected

Possibly other places in PADT are affected as well and dont have quoted paths with spaces