Wide-ranging 7-zip Vulnerability Exposes Millions to Code Execution Risks

Major 7-Zip Vulnerability Detected 🚨

The ever-popular open-source archive-handling utility 7-Zip is now in the spotlight due to an 8.8-rated CVE vulnerability in its archive-opening procedure. If a user simply opens a booby-trapped crafted archive (.7z, .zip, .rar, etc.) on a machine with at least 16 GB of RAM, they’ll be running malicious code. Extracting the archive isn’t necessary; only opening it is enough. We recommend that everyone immediately update to the latest version, 26.01, published in late April; all previous versions are vulnerable.

The actual vulnerability is fairly complicated to describe, but it pertains to a part of code that 7-Zip can use to open NTFS disk images. Opening .ntfs and .img disk images has long been a feature of 7-Zip, and there’s a bug in the code that allows an attacker to provide incorrect values for a buffer, which in turn can be made bigger than intended and contain malicious code to be executed. If by now you’re thinking “I don’t use those file types”, 7-Zip doesn’t use the file extension to determine its type — it relies on the file’s first few bytes, so providing a malicious NTFS image inside a .7z, .rar, .zip (and others) will work just fine.

For more details, check out the full article here: Read full article