diff --git a/ChangeLog.txt b/ChangeLog.txt
index ee68e729..21f56a22 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,7 @@
+Security:
+- On Windows the Mosquitto service was being installed without appropriate
+  path quoting, this has been fixed.
+
 Broker:
 - Fix usage message only mentioning v3.1.1. Closes #1713.
 - Fix broker refusing to start if only websockets listeners were defined.
diff --git a/src/service.c b/src/service.c
index 08099aa5..199afe32 100644
--- a/src/service.c
+++ b/src/service.c
@@ -70,7 +70,7 @@ void __stdcall service_main(DWORD dwArgc, LPTSTR *lpszArgv)
 
 	service_handle = RegisterServiceCtrlHandler("mosquitto", service_handler);
 	if(service_handle){
-		memset(conf_path, 0, MAX_PATH + 20);
+		memset(conf_path, 0, sizeof(conf_path));
 		rc = GetEnvironmentVariable("MOSQUITTO_DIR", conf_path, MAX_PATH);
 		if(!rc || rc == MAX_PATH){
 			service_status.dwCurrentState = SERVICE_STOPPED;
@@ -103,25 +103,26 @@ void __stdcall service_main(DWORD dwArgc, LPTSTR *lpszArgv)
 void service_install(void)
 {
 	SC_HANDLE sc_manager, svc_handle;
-	char exe_path[MAX_PATH + 5];
+	char service_string[MAX_PATH + 20];
+	char exe_path[MAX_PATH + 1];
 	SERVICE_DESCRIPTION svc_desc;
 
-	memset(exe_path, 0, MAX_PATH+5);
+	memset(exe_path, 0, sizeof(exe_path));
 	if(GetModuleFileName(NULL, exe_path, MAX_PATH) == MAX_PATH){
 		fprintf(stderr, "Error: Path too long.\n");
 		return;
 	}
-	strcat(exe_path, " run");
+	snprintf(service_string, sizeof(service_string), "\"%s\" run", exe_path);
 
 	sc_manager = OpenSCManager(NULL, NULL, SC_MANAGER_CREATE_SERVICE);
 	if(sc_manager){
 		svc_handle = CreateService(sc_manager, "mosquitto", "Mosquitto Broker", 
 				SERVICE_START | SERVICE_STOP | SERVICE_CHANGE_CONFIG,
 				SERVICE_WIN32_OWN_PROCESS, SERVICE_AUTO_START, SERVICE_ERROR_NORMAL,
-				exe_path, NULL, NULL, NULL, NULL, NULL);
+				service_string, NULL, NULL, NULL, NULL, NULL);
 
 		if(svc_handle){
-			svc_desc.lpDescription = "MQTT v3.1.1 broker";
+			svc_desc.lpDescription = "Eclipse Mosquitto MQTT v5/v3.1.1 broker";
 			ChangeServiceConfig2(svc_handle, SERVICE_CONFIG_DESCRIPTION, &svc_desc);
 			CloseServiceHandle(svc_handle);
 		}else{