• 7-zip vulnerability gives hackers the keys to the kingdom

    From TechnologyDaily@1337:1/100 to All on Tue Apr 19 13:00:03 2022
    7-zip vulnerability gives hackers the keys to the kingdom

    Date:
    Tue, 19 Apr 2022 11:45:06 +0000

    Description:
    A researcher demonstrated an easy way to gain elevated privileges on a
    Windows device.

    FULL STORY ======================================================================

    A threat actor could abuse the popular archiving app 7-zip to gain
    elevated privileges on a device to which they already have access.

    A GitHub user going by the name Kagancapar discovered a zero-day
    vulnerability in 7-zip for the Windows operating system (OS). The findings, posted on GitHub, revealed that, "Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area."

    Here's how it works: a threat actor crafts a malicious file and gives it a
    .7z extension (the one that an archive compressed with 7-zip can have). They then need to drag and drop that file onto the 7-zip help window, and run a command in admin mode.

    Waiting for a patch

    After that, they'll get elevated privileges on the target endpoint, allowing them to run more complex commands and run different apps. More details can be found in this proof-of-concept video.

    The vulnerability is now tracked as CVE-2022-29072. The latest 7-zip version is 21.07, released in late December last year, which means the zero-day was not yet patched.

    Those worried about potentially being targeted through 7-zip can protect
    their virtual premises by deleting the 7-zip.chm file, Tom's Hardware
    reported. Another method is to grant 7-zip only read and run permissions for all users.
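
    One way to audit both mitigations on a host, as an added example that is not from the article or from 7-Zip: the script reports whether 7-zip.chm is present and lists ACL entries that give non-administrative principals write-capable rights. The default install path and the -RemoveHelpFile switch are assumptions of this example.

```powershell
# Added example. Assumption: $InstallDir is the 7-Zip install directory on this
# host; the default is a common location, not a value taken from the article.
param(
    [string]$InstallDir = 'C:\Program Files\7-Zip',
    [switch]$RemoveHelpFile   # delete 7-zip.chm instead of only reporting it
)
$ErrorActionPreference = 'Stop'

if (-not (Test-Path -LiteralPath $InstallDir -PathType Container)) {
    Write-Output "Directory not found: $InstallDir"
    return
}

# Mitigation 1: the help file 7-zip.chm should be absent.
$chm = Join-Path $InstallDir '7-zip.chm'
if (-not (Test-Path -LiteralPath $chm -PathType Leaf)) {
    Write-Output "OK: $chm is not present"
} elseif ($RemoveHelpFile) {
    Remove-Item -LiteralPath $chm -Force
    Write-Output "Removed $chm"
} else {
    Write-Output "PRESENT: $chm (rerun with -RemoveHelpFile to delete it)"
}

# Mitigation 2: users should hold only read and run rights on the 7-Zip files.
# Report every Allow entry that grants a write-capable right to anyone other
# than SYSTEM, Administrators or TrustedInstaller (matched by well-known SID).
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$trustedSids = @(
    'S-1-5-18',       # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',   # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)
$sidType = [System.Security.Principal.SecurityIdentifier]

$items = @(Get-Item -LiteralPath $InstallDir) + @(Get-ChildItem -LiteralPath $InstallDir -Recurse -Force)
$findings = foreach ($item in $items) {
    foreach ($rule in (Get-Acl -LiteralPath $item.FullName).GetAccessRules($true, $true, $sidType)) {
        $granted = [int]$rule.FileSystemRights -band $writeMask
        if ($rule.AccessControlType -eq 'Allow' -and $granted -ne 0 -and
            $rule.IdentityReference.Value -notin $trustedSids) {
            [pscustomobject]@{ Path = $item.FullName; Sid = $rule.IdentityReference.Value
                               Rights = $rule.FileSystemRights }
        }
    }
}
if ($findings) { $findings | Format-Table -AutoSize -Wrap }
else { Write-Output 'OK: no write-capable entries for non-administrative principals' }
```

    Entries that carry only generic access bits (such as an inherit-only CREATOR OWNER entry) are not decoded by this mask and need a manual look.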


    The file compression company doesn't seem to have commented on the vulnerability much, other than refusing to take responsibility for the flaw, given that it depends on Microsoft Help in Windows. However, Kagancapar explained that dropping the malicious file on the Help window triggers a heap overflow in 7zFM.exe, which leads to the escalation of privilege, and argued that for this reason alone it's 7-zip that should be addressing the issue.

    7-zip is one of the three most popular file archiving applications, whose popularity is only rivaled by giants WinZip and WinRAR.

    Via: Tom's Hardware



    ======================================================================
    Link to news story: https://www.techradar.com/news/7-zip-vulnerability-gives-hackers-the-keys-to-the-kingdom/


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)