Major Windows Security Flaw Discovered Within 7-ZIP Compression Software
Mike Sanders / 3 years ago
I daresay that many of you reading this probably have some kind of compression software installed on your PC or laptop. It’s a pretty common kind of program and is mostly utilised as a means of decompressing files that have been downloaded from the internet (the purpose of the compression being to reduce the amount of size they take up). – If you do, however, use 7-ZIP (a very popular choice) then you might want to take hope as following a post on Github, it has been discovered that the software contains a huge security flaw for Windows-based operating systems!
Huge Windows Security Flaw Found in 7-ZIP
Being categorised as a ‘zero day’ flaw (meaning it’s been there ever since the software was created), the issue with 7-ZIP is quite concerning. Although the nature of this security exploit is quite complicated, as you might expect, I will try and break it down into some easy points.
- The overall presumption is that someone (with or without your knowledge) may have low-level access to your PC and/or laptop
- Through this, the 7-ZIP program can be started as this is basically deemed a low-security risk piece of software
- 7-ZIP as part of its software utilises the Windows help application (hh.exe)
- Through this access, the remote user can escalate their system privileges to the highest-level meaning they can, more or less, do anything to your files and/or configuration. This includes downloading, installing, and executing malware.
Although only an issue affecting Windows-based systems (due to the aforementioned Windows help application) this security risk isn’t just a concept or theory. As per the video below, you can see how the compression software can be utilised to give a remote user ‘admin’ level of access to a PC/laptop. – In other words, this is an issue that exists, right now, on Windows computers with 7-ZIP installed.
What Should I Do?
As above, the security flaw only really presents a problem if an unauthorised person has access to your system. Admittedly though, and especially so for the more generic user, it can sometimes be very difficult to know if someone is lurking around that shouldn’t. – While an update for 7-ZIP is undoubtedly on the way in the very near future to resolve the problem, there are 2 known workarounds at the time of writing to temporarily resolve the problem:
- If 7-zip does not update, delete the “7-zip.chm” file within the main directory. This should plug the metaphorical security hole while not affecting the software
- Alternatively, simply set 7-ZIP to only have read and run permissions. (This needs to specifically be set for all users)
While this news might sound shocking on the surface, it should be noted that security flaws like this are discovered pretty much all the time. And this includes far more widely-used pieces of software. – More than anything though, this should just highlight the need to always be vigilant online!
You can, incidentally, check out the full blog post regarding the 7-ZIP security flaw via the link here (Google translate might be your friend here)!
What do you think? – Let us know in the comments!