The Information Highway

The Information Highway
Font size: +
  Print
2 minutes reading time (311 words)

7-Zip vulnerability

1 Hits

Threat update

A security vulnerability in 7-Zip allows remote attackers to bypass defenses and execute malicious code via specially crafted archives. Read this Cybersecurity Threat Advisory to learn how to mitigate your risk from this new threat. 

Technical Detail and Additional Info

What is the threat?

The vulnerability exists within the Zstandard decompression implementation where improper validation of data can result in an integer underflow before writing to the memory. This vulnerability is incredibly easy to exploit. Threat actors can exploit any specific flaw in the implementation of the program's Zstandard decompression, upon which the validation of user-supplied data can then be leveraged to execute code on the user's machine. 

Why is it noteworthy?

While CVE-2024-11477 likely requires user interaction, such as opening a file, attackers can use the compromised archives to install malware on the victim's PC. Once inside, attackers can convince users to open specially crafted archives and leverage them to spread malware further through emails or shared files.

What is the exposure or risk?

7-Zip requires users to manually update the app. This means the effect of the vulnerability may linger until users updates their app. Anyone who uses 24.07 or earlier versions of 7-Zip are potentially compromised because of this vulnerability.

What are the recommendations?

 LBT Technology Group strongly recommends users to take these 6action to defend against this threat:

  • Update 7-Zip app to 24.08 or later versions.
  • Educate users to be vigilant and exercise caution when opening files with 7-zip. If they weren't expecting a zip file or don't recognize the sender, they should contact the IT department to verify for any malicious activity.
  • Apply input validation, especially when processing data from potentially untrusted sources.

References

 For more in-depth information about the recommendations, please visit the following links:


If you have any questions, please contact LBT's Sales Engineer.


0
How do you feel about this post?
Happy (0)
Love (0)
Surprised (0)
Sad (0)
Angry (0)
Tags:
move block ​ security vulnerability 7- Zip attackers
RomCom exploits vulnerabilities
Kemp LoadMaster and VMware vCenter vulnerabilities

About the author

LBT Technology Group, LLC.

LBT Technology Group, LLC.

As we navigate our ever-evolving cyber society, LBT Technology Group believes providing comprehensive IT services to others is essential. As a Managed IT Services Provider (MSP), we are positioned to eliminate your pain points by optimizing your technology, mitigating your cyber security risk footprint, and improving your cyber resilence. The focus we place on reducing the presistent cyber security risks to the confidentiality, integrity, and availability of your information systems and our proficiency in restoring IT services in the event of a cyber attack or technology outage separates us from our competitors--WE SIMPLIFY YOUR IT EQUATION.
Author's recent posts
More posts from author

Related Posts

 

Comments

No comments made yet. Be the first to submit a comment
Monday, 02 December 2024

Captcha Image

Top Breaches Of 2023

Customers Affected In T-Mobile Breach
Accounts Affected In MOVEit Breach
Customers Affected In MCNA Insurance Data Breach
Individuals Affected In PharMerica Data Breach
Users Affected In ChatGPT Major Data Breach
*Founder Shield End of Year 2023