Wide-ranging 7-zip vulnerability with 8.8 CVE rating allows for code execution — hundreds of millions of machines potentially at risk

Submitted ⁨⁨3⁩ ⁨weeks⁩ ago⁩ by ⁨BrikoX@lemmy.zip⁩ to ⁨technology@lemmy.zip⁩

https://www.tomshardware.com/tech-industry/cyber-security/wide-ranging-7-zip-vulnerability-with-8-8-cve-rating-allows-for-code-execution-hundreds-of-millions-of-machines-potentially-at-risk

Everyone, get your update hats on immediately; we’re at DEFCON 1

source

Comments

Sort:hotnew top

aeronmelon@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
The 7zip format, or the actual 7zip application?

source
- Prove_your_argument@piefed.social ⁨3⁩ ⁨weeks⁩ ago
  application my man. Literally the first paragraph of the article contains:
  
  If a user simply opens a booby-trapped crafted archive (.7z, .zip, .rar, etc) on a machine with at least 16 GB of RAM, they’ll be running malicious code. Extracting the archive isn’t necessary; only opening it is enough. We recommend that everyone immediately update to the latest version, 26.01, published in late April; all previous versions are vulnerable.
  
  source
  - Prove_your_argument@piefed.social ⁨3⁩ ⁨weeks⁩ ago
    …and because i’m sure people still won’t read the article, this also includes countless things that use 7zip libraries to do zipping actions, including things like file browsers, chocolatey and probably other stuff. 7zip is foss and widely used for all kinds of things t hat go beyond consumer gui usage.
    
    source
    -> View More Comments
  - Aria@lemmygrad.ml ⁨3⁩ ⁨weeks⁩ ago
    What does it mean to open it in this case?
    
    source
  - KeenFlame@feddit.nu ⁨3⁩ ⁨weeks⁩ ago
    So the format.
    
    Or did we talk about if just having a file allows remote execution?
    
    source
YiddishMcSquidish@lemmy.today ⁨3⁩ ⁨weeks⁩ ago

any machine with at least 16gb RAM

Sometimes being broke ain’t all that bad.

source
GalacticGrapefruit@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
Another cataclysmic 7zip vuln???

source
- pianoplant@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  high performance legacy software like this often uses low-level languages like c, c++, and assembly
  
  these low-level languages are extremely powerful but require manual management of memory
  
  that memory management is a common place where bugs like this can be found. This vulnerability is a memory overflow
  
  This kind of bug’s severity and how easily it is to accidentally introduce is why many high performance applications are moving to the rust programming language, which was specifically designed to try and prevent/minimize memory bugs.
  
  source
quick_snail@feddit.nl ⁨3⁩ ⁨weeks⁩ ago
That actually doesn’t seem to be so severe.

How many people download some random archive and then, after extracting it, they double click on the files inside it?

It says the risk of this vuln is arbitrary code execution of a maliciously crafted archive.

After fixing this bug, most 7zip users will still be vulnerable to arbitrary code execution due to maliciously crafted archives.

source
- SteleTrovilo@beehaw.org ⁨3⁩ ⁨weeks⁩ ago
  According to the last paragraph, the vulnerability is in reading the archive itself, not the decompressed contents.
  
  source
  - Kactus@piefed.world ⁨3⁩ ⁨weeks⁩ ago
    I think what quick snail is saying is that if you are going to download a malicious zip file you are just as likely to unzip the archive and run the program inside. It’s a lot easier to just have a malicious payload inside the archive.
    
    source
purplemonkeymad@programming.dev ⁨3⁩ ⁨weeks⁩ ago
It’s not in the 7z compression format, so it might be worth just flagging any file with the ntfs headers for now? I would like to think that av companies could add that.

source
quick_snail@feddit.nl ⁨3⁩ ⁨weeks⁩ ago
As an archivist, that image makes me very sad

source