Researcher Discovers ‘Multiple’ Exploitable Vulnerabilities In 7-Zip

A new vulnerability has been uncovered in 7-Zip, an open-source compression tool used by many companies to shrink their software.

“7-Zip is an open-source file archiving application which features optional AES-256 encryption, support for large files, and the ability to use ‘any compression, conversion or encryption method’,” explained Jaeson Schultz, a security researcher for Cisco’s Talos division, in a blog post.

“Recently Cisco Talos has discovered multiple exploitable vulnerabilities in 7-Zip. These types of vulnerabilities are especially concerning since vendors may not be aware they are using the affected libraries. This can be of particular concern, for example, when it comes to security devices or antivirus products.”

Zip Flaw

The researcher found an “out-of-bounds read vulnerability in the way 7-Zip handles Universal Disk Format (UDF) files.”

“This vulnerability can be triggered by any entry that contains a malformed Long Allocation Descriptor,” Schultz warned.

And that is not the only flaw. The researcher also found a heap overflow vulnerability.

“An exploitable heap overflow vulnerability exists in the Archive::NHfs::CHandler::ExtractZlibFile method functionality of 7-Zip,” he said.

“Sadly, many security vulnerabilities arise from applications which fail to properly validate their input data. Both of these 7-Zip vulnerabilities resulted from flawed input validation. Because data can come from a potentially untrusted source, data input validation is of critical importance to all applications’ security.”
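The input-validation point above, as an added illustration that is not 7-Zip's or Talos's code: a small C parser for the UDF Long Allocation Descriptor the article names, which rejects a descriptor whose extent lies outside its partition rather than reading past the buffer. The field layout follows ECMA-167; the sample descriptors and the partition geometry are constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* UDF (ECMA-167) Long Allocation Descriptor, 16 bytes, little-endian:
 *   bytes 0-3   extent length: bits 0..29 = byte length, bits 30..31 = extent type
 *   bytes 4-7   logical block number     bytes 8-9  partition reference number
 *   bytes 10-15 implementation use (ignored here)                                */
#define LONG_AD_SIZE     16u
#define EXTENT_LEN_MASK  0x3FFFFFFFu

typedef struct { uint32_t extent_len, logical_block; uint16_t partition_ref; } long_ad_t;

static uint32_t rd_le32(const uint8_t *p)
{ return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24; }

/* Parse the descriptor at `off` and check that the extent it points to lies inside a
 * partition of `part_blocks` blocks of `block_size` bytes. Returns 0 if well-formed,
 * -1 if the descriptor is truncated or references data outside the partition. */
int parse_long_ad(const uint8_t *buf, size_t buf_len, size_t off, uint32_t block_size,
                  uint32_t part_blocks, uint16_t num_partitions, long_ad_t *out)
{
    if (off > buf_len || buf_len - off < LONG_AD_SIZE) return -1;   /* descriptor truncated */
    const uint8_t *p = buf + off;
    out->extent_len    = rd_le32(p) & EXTENT_LEN_MASK;
    out->logical_block = rd_le32(p + 4);
    out->partition_ref = (uint16_t)(p[8] | p[9] << 8);
    if (out->partition_ref >= num_partitions) return -1;            /* no such partition */
    /* 64-bit arithmetic so a huge block number cannot wrap the bounds check */
    uint64_t start = (uint64_t)out->logical_block * block_size;
    uint64_t end   = start + out->extent_len;
    if (end > (uint64_t)part_blocks * block_size) return -1;        /* extent outside partition */
    return 0;
}

/* Constructed sample descriptors (not taken from any real image): a 2048-byte extent at
 * block 10 of partition 0, and the same extent claimed to start at block 0xFFFFFFFF. */
static const uint8_t GOOD_AD[LONG_AD_SIZE] = {0x00,0x08,0,0, 0x0A,0,0,0,             0,0, 0,0,0,0,0,0};
static const uint8_t BAD_AD[LONG_AD_SIZE]  = {0x00,0x08,0,0, 0xFF,0xFF,0xFF,0xFF,    0,0, 0,0,0,0,0,0};

/* Validate a 16-byte descriptor against a constructed partition of 100 blocks of 2048 bytes. */
int validate_sample(const uint8_t *ad)
{ long_ad_t parsed; return parse_long_ad(ad, LONG_AD_SIZE, 0, 2048, 100, 1, &parsed); }

/* Same partition, but only 8 bytes of the descriptor are present in the buffer. */
int validate_truncated(void)
{ long_ad_t parsed; return parse_long_ad(GOOD_AD, 8, 0, 2048, 100, 1, &parsed); }

int main(void)
{
    printf("good: %d  bad: %d  truncated: %d\n",
           validate_sample(GOOD_AD), validate_sample(BAD_AD), validate_truncated());
    return 0;
}
```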

Upgrade Now

Schultz said he had worked responsibly with 7-Zip to fix the issues and urged users to update their vulnerable versions of 7-Zip to the latest revision, version 16.00, as soon as possible.

Cisco perhaps isn’t the first name that comes to mind when you think of major security vendors but the company recently claimed it has the “largest security business on the planet”, with 5,000 staff and $2 billion in revenue.

Last October Cisco closed down a highly profitable ransomware operation. That criminal gang were using the notorious Angler Exploit Kit to generate an estimated $60 million (£39m) annually by delivering ransomware to unsuspecting people browsing the Internet.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
