Friday, November 22, 2024
HomeComputer SecurityCritical Security Vulnerability Affects All the Versions of 7-Zip Prior to 18.05

Critical Security Vulnerability Affects All the Versions of 7-Zip Prior to 18.05

Published on

7-Zip is a free open source archiver with a high compression ratio. It is under the License of GNU LGPL & BSD 3-clause and can be used in any computers, including computers in the commercial organization.

The software is in use for more than 18 years its initial release was on 18 July 1999 and the last stable release on April 30, 2018, version 18.05.

A critical arbitrary code execution vulnerability discovered in 7-Zip affects all the versions of the software prior to 18.05.

- Advertisement - SIEM as a Service

By exploiting this vulnerability attackers could gain full access associated with the user profile and they can install view, change, or delete data; or create new accounts with full user rights.

Admin user accounts will be highly impacted by this vulnerability and the low privileged users are less impacted.

According to Center of Security threat intelligence “There are currently no reports of this vulnerability being exploited in the wild”.

The vulnerability is due to lack of address space layout randomization (ASLR) on the main executables (7zFM.exe, 7zG.exe, 7z.exe) which cause memory corruptions that lead to arbitrary code execution (CVE-2018-10115).

Mitigations

  • Update 7-Zip to the latest version 18.05.
  • Running the software as a non-privileged user.
  • Apply minimal privilege to all systems and services.
Gurubaran
Gurubaran
Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.

Latest articles

240+ Domains Used By PhaaS Platform ONNX Seized by Microsoft

Microsoft's Digital Crimes Unit (DCU) has disrupted a significant phishing-as-a-service (PhaaS) operation run by...

Russian TAG-110 Hacked 60+ Users With HTML Loaded & Python Backdoor

The Russian threat group TAG-110, linked to BlueDelta (APT28), is actively targeting organizations in...

Earth Kasha Upgraded Their Arsenal With New Tactics To Attack Organizations

Earth Kasha, a threat actor linked to APT10, has expanded its targeting scope to...

Raspberry Robin Employs TOR Network For C2 Servers Communication

Raspberry Robin, a stealthy malware discovered in 2021, leverages advanced obfuscation techniques to evade...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Digital Wallets Bypassed To Allow Purchase With Stolen Cards

Digital wallets enable users to securely store their financial information on smart devices and...

Critical PDF.js & React-PDF Vulnerabilities Threaten Millions Of PDF Users

A new critical vulnerability has been discovered in PDF.js, which could allow a threat...

Best SIEM Tools List For SOC Team – 2024

The Best SIEM tools for you will depend on your specific requirements, budget, and...