Merge pull request #528 from fireeye/williballenthin-patch-2

explorer: readme: document IDA 7.6 patch

CHANGELOG.md

@@ -18,6 +18,7 @@ The first Python 3 ONLY capa version.
 
 - py3: drop Python 2 support #480 @Ana06
 - deps: bump ruamel yaml parser to 0.17.4 #519 @williballenthin
+- explorer: explain how to install IDA 7.6 patch to enable the plugin #528 @williballenthin
 
 ### Development
 

capa/ida/plugin/README.md

@@ -38,9 +38,25 @@ capa explorer supports Python >= 3.6 and the following IDA Pro versions:
 
 * IDA 7.4
 * IDA 7.5
+* IDA 7.6 (caveat below)
 
 If you encounter issues with your specific setup, please open a new [Issue](https://github.com/fireeye/capa/issues).
 
+#### IDA 7.6 caveat: IDA needs a patch
+
+As described [here](https://www.hex-rays.com/blog/ida-7-6-empty-qtreeview-qtreewidget/):
+
+> A rather nasty issue evaded our testing and found its way into IDA 7.6: using the PyQt5 modules that are shipped with IDA, QTreeView (or QTreeWidget) instances will always fail to display contents.
+
+Therefore, in order to use capa under IDA 7.6, you need to download and install the fix corresponding to your IDA installation, replacing the original QtWidgets DLL with the one contained in the .zip file (links to Hex-Rays):
+
+
+  - Windows: [pyqt5_qtwidgets_win](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_win.zip)
+  - Linux: [pyqt5_qtwidgets_linux](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_linux.zip)
+  - MacOS (Intel): [pyqt5_qtwidgets_mac_x64](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_mac_x64.zip)
+  - MacOS (AppleSilicon): [pyqt5_qtwidgets_mac_arm](https://www.hex-rays.com/wp-content/uploads/2021/04/pyqt5_qtwidgets_mac_arm.zip)
+
+
 ### Supported File Types
 
 capa explorer is limited to the file types supported by capa, which include: