次の方法で共有

New WinZip vulnerability

  • [アーティクル]

As if you weren't already paranoid enough about ZIP files...

The recent MyDoom virus required you to open a ZIP and then execute one of the files inside the attachment. But a new vulnerability announced by iDEFENSE allows arbitrary code execution just by opening the ZIP file. Note that as of yet I haven't heard of any known malware exploiting this problem, but history shows us that's it's only a matter of time before the next wave hits.

Time to patch your copy of WinZip!

Update 28-Feb:

Thanks to Kevin for pointing out that the problem doesn't actually affect ZIP files; it affects files such as MIM, UUE, etc. but in a default install they will all show the WinZip icon and open with the tool. It's still a great little utility though!

More details can be found here.

Comments

  • Anonymous
    February 27, 2004
    Maybe now is a time to convert to WinRar (you don't have to use the RAR format, it handles ZIP files just fine.)

    I used tar/gzip, then pkzip, then rar and I've stayed with a combo of rar (windows) and tar/gzip (on linux). I still can't believe Winzip still has more or less the same UI after all of this time.
  • Anonymous
    February 27, 2004
    Are people still paying for and using WinZip? I would have thought the number of people using it is fractional now that Windows has support for creating and browsing Zip files. If an exploit is found in the Windows Zip extension that will be something to really worry about...
  • Anonymous
    February 27, 2004
    Call me old fashioned, but I don't want zip files to look like folders. That siadm I agree that WinZip is not the best zip-handler out there. I use PowerArchiver and is very happy with it,
    others use WinRar. And the are both cheaper than WinZip and supports more formats.

    /RS
  • Anonymous
    February 28, 2004
    Acctually, if you read the IDEFENSE article a bit closer, this flaw does not affect ZIP files, but MIME-encoded files.

    And frim WinZip's Web site:

    WinZip 9.0 Fixes a Security Issue with MIME-Encoded Files
    http://www.winzip.com/fmwz90.htm

    </quote>
    Q: What types of files are affected?

    A: Files with the following extensions, which are by default associated with WinZip and which are used in connection with MIME-encoded data, are affected: .MIM, .UUE, .UU, .B64, .BHX, .HQX, and .XXE.

    Other filetypes associated with WinZip, such as .ZIP, .TAR, and .CAB, are not affected.
    </quote>

  • Anonymous
    February 28, 2004
    Thanks Torgeir. The problem is that most people only see the icon, which is the ZIP icon
  • Anonymous
    February 28, 2004
    I'm already getting a bunch of Google hits for "WinZip exploit" and "WinZip vulnerability" in my referrer logs... looks like the kiddies are on the loose again
  • Anonymous
    June 22, 2004
    The comment has been removed
  • Anonymous
    June 22, 2004
    Well, as they say, all generalisations are false ;-)