Security News Corruption, code execution vulnerabilities patched in open source archiver 7-ZIP

[LabZero]

Content source

https://threatpost.com/corruption-code-execution-vulnerabilities-patched-in-open-source-archiver-7-zip/118061/

Several vulnerabilities were fixed this week in the file archiver 7-Zip that could have led to arbitrary code execution and file corruption. The developer behind the tool-which is open source and can be used with any compression, conversion, or encryption method-is urging users to update to the most recent patched version, 16.00, as soon as possible to mitigate the issues.

Full article

 

[hjlbx]

It is best practice to add any archiver to exploit mitigations in EMET, HMP.A, or MBAE and make it a Guarded App in AppGuard.

WinRAR, for example, had exploit vulnerabilities for years before they were identified and fixed.

 

[Azure]

It is best practice to add any archiver to exploit mitigations in EMET, HMP.A, or MBAE and make it a Guarded App in AppGuard.

WinRAR, for example, had exploit vulnerabilities for years before they were identified and fixed.

Interesting. On HMP.A, in what template should we add 7-zip?

 

[hjlbx]

Interesting. On HMP.A, in what template should we add 7-zip?

Other - and disable Application Lockdown mitigation.

If you leave Application Lockdown mitigation enabled, then any extracted files that you try to execute will be blocked.