⚠️ New 7-Zip Software Exploit Found! - Here's The Fix

C:\Program Files\7-Zip
Comments

i caught this 7 seconds after it was uploaded, i feel powerful

benwaffleiron

My 40 day WinRAR trial going strong for the 2nd year

Ishan.khanna

Wow! I'm glad I caught this video's notification. I'm going to implement the fix you recommend immediately. By the way, happy birthday tomorrow!

snarkykat

we've really reached the point where people are exploiting HELP to get system-breaking bugs

BetaMaster

me using file manager in linux: you have no power

aerglass

You should probably remove this video since the vulnerability ended up being a hoax

Leo-sdjt

I'm guessing this issue comes from some legacy Windows component rather than 7zip itself, since it's very unlikely that 7zip can, by itself, be used to gain system privileges.

SkyyySi

Interesting, though a hacker would need access to your system to begin with for it to be useful to them.

nrg

I've been using 7-Zip myself and I've been recommending it to other people. Thank you so much for telling us about such a thing!

matiinb

Thanks for the heads-up, gonna fix this asap.

baddealrage

For the people not seeing it show up, it is the file with the yellow question mark as a logo.
Credits to: Łukasz R.

strikeshock

Does this only affect certain versions? I have an older version, and, when I checked my 7Zip directory, it didn't have a chm file at all

PokemarioThend

This only affects the latest version of 7zip btw. Older versions are unaffected.

sasshadow

Am I the only one who doesn't understand how someone can use this to harm me? I will NEVER drag and drop anything onto an opened help window. I rarely even open help in any application, let alone come up with the idea to drag and drop something into that window. :)
So, can this exploit be used for other applications that use the same help file mechanism?

ksrele

I think this is an April Fools' joke by the original bug reporter. The exploit has been disputed by researchers.

elliejohnson

@ThioJoe, the CVE is currently being disputed because for the vulnerability to work, you need UAC to be turned off, which is obviously a bad idea and nobody should have it turned off in the first place.

kyonblack

Thanks! And I'm already subscribed, for a long time now.

RaptorZX

Joe saving the day as always, thank you king

hospie

Me on my phone: “You have no power here”

agentgrim

I researched a bit about the vulnerability and it seems that it won’t affect you unless your computer is already hacked and can be accessed remotely by a malicious actor. The exploit relies on dragging a prepared 7z file into the help menu. Realistically, that wouldn’t affect most people. There’s still no patch after 3 weeks though, which is a bit strange to me.

jendorei