BrikoX@lemmy.zipM to Technology@lemmy.zipEnglish · 1 day agoWide-ranging 7-zip vulnerability with 8.8 CVE rating allows for code execution — hundreds of millions of machines potentially at riskwww.tomshardware.comexternal-linkmessage-square17linkfedilinkarrow-up1139arrow-down12file-text
arrow-up1137arrow-down1external-linkWide-ranging 7-zip vulnerability with 8.8 CVE rating allows for code execution — hundreds of millions of machines potentially at riskwww.tomshardware.comBrikoX@lemmy.zipM to Technology@lemmy.zipEnglish · 1 day agomessage-square17linkfedilinkfile-text
minus-squareSteleTrovilo@beehaw.orglinkfedilinkEnglisharrow-up5·14 hours agoAccording to the last paragraph, the vulnerability is in reading the archive itself, not the decompressed contents.
minus-squareKactus@piefed.worldlinkfedilinkEnglisharrow-up2·2 hours agoI think what quick snail is saying is that if you are going to download a malicious zip file you are just as likely to unzip the archive and run the program inside. It’s a lot easier to just have a malicious payload inside the archive.
According to the last paragraph, the vulnerability is in reading the archive itself, not the decompressed contents.
I think what quick snail is saying is that if you are going to download a malicious zip file you are just as likely to unzip the archive and run the program inside. It’s a lot easier to just have a malicious payload inside the archive.