Hackers can use WinZip insecure server connection to drop malware

silversurfer

The server-client communication in certain versions of the WinZip file compression tool is insecure and could be modified to serve malware or fraudulent content to users.

WinZip is currently at version 25 but earlier releases check the server for updates over an unencrypted connection, a weakness that could be exploited by a malicious actor.

Martin Rakhmanov of Trustwave SpiderLabs captured the traffic from a vulnerable version of the tool to show the unencrypted communication.
With the release of WinZip 25, cleartext communication no longer occurs. Users are advised to upgrade to the latest version of the application.

Many users may not jump at getting the current release, though, because upgrades are paid. The standard WinZip costs $35.64 and the Pro edition is $59.44.

If upgrading the software is not an option, users are advised to disable update checks. This will stop the client from querying the WinZip server for the availability of a new version.
 
