BrikoX@lemmy.zipM to Technology@lemmy.zipEnglish · 12 days agoWide-ranging 7-zip vulnerability with 8.8 CVE rating allows for code execution — hundreds of millions of machines potentially at riskwww.tomshardware.comexternal-linkmessage-square17linkfedilinkarrow-up1146arrow-down12file-text
arrow-up1144arrow-down1external-linkWide-ranging 7-zip vulnerability with 8.8 CVE rating allows for code execution — hundreds of millions of machines potentially at riskwww.tomshardware.comBrikoX@lemmy.zipM to Technology@lemmy.zipEnglish · 12 days agomessage-square17linkfedilinkfile-text
minus-squareSteleTrovilo@beehaw.orglinkfedilinkEnglisharrow-up5·11 days agoAccording to the last paragraph, the vulnerability is in reading the archive itself, not the decompressed contents.
minus-squareKactus@piefed.worldlinkfedilinkEnglisharrow-up3·10 days agoI think what quick snail is saying is that if you are going to download a malicious zip file you are just as likely to unzip the archive and run the program inside. It’s a lot easier to just have a malicious payload inside the archive.
According to the last paragraph, the vulnerability is in reading the archive itself, not the decompressed contents.
I think what quick snail is saying is that if you are going to download a malicious zip file you are just as likely to unzip the archive and run the program inside. It’s a lot easier to just have a malicious payload inside the archive.