April 25, 2024
Headlines

Workaround for security issue in 7-Zip until fixed

Miners Hashrate04 mins
solución de vulnerabilidad de 7-zip

Workaround for security issue in 7-Zip until fixed

Recent versions of the open source archiver 7 zips have a vulnerability that has not yet been fixed. Successful exploitation of the vulnerability allows privilege escalation and command execution; it seems that the problem can only be exploited locally.

Filed under CVE-2022-29072, the vulnerability uses the included 7-Zip helper file, 7-zip.chm, for exploitation. Attackers must drag and drop files with the 7z extension into the Help > Contents area in the 7-Zip interface.

Details of the vulnerability have been published on GitHub. The page provides technical information and a short video demonstration of the exploit.

It is unclear if and when 7-Zip will address the issue. The latest app update dates back to the release of 7-Zip in December 2021

Application users can use the following workaround to mitigate the vulnerability on their devices. Since it uses the included help file, one way to fix the problem is to remove the help file.

  1. Open the 7-Zip installation directory or folder on your system. On Windows, these are usually C:Program Files7-Zip or C:Program Files (x86)7-Zip, depending on whether the 64-bit or 32-bit version of the application is installed.
  2. Find the 7-Zip.chm file; this is the help file. You can open it directly to display its content.
  3. Press the Delete button on the keyboard or right-click on the file and select the Delete option from the context menu to remove it from the system.
  4. You may receive a message, File Access Denied. If that is the case, select Continue.
Read This Now:   How to customize the Windows 11 taskbar to look like the macOS Dock

The file is moved to the operating system’s recycle bin by default. The functionality of 7-Zip is not reduced when you remove the help file. The Help file will no longer open after removal, when you select Help > Contents in the 7-Zip File Manager or press the F1 key on the keyboard.

closing words

Deleting the help file takes no more than a minute. While it seems unlikely that the issue will be exploited on a large scale, most users may want to remove the Help file to protect their systems against the vulnerabilities targeting the issue.

Now you: what filing cabinet do you use? (via Desktop Modifier)

advertising

Related posts:

Como usar juegos Steam sin conexión a internetHow to access Steam games without an internet connection Cómo ver FPS con Xbox Game Bar Windows 10How to view FPS with Xbox Game Bar in Windows 10: Steps Made Easy ¿Cuenta hackeada? Cómo comprobarlo y remediarloHacked account? How to check and remedy WhatsApp WebHow to make video calls from WhatsApp Web How-to-increase-the-RAM-memory-of-a-desktop-or-laptop-Tips-and-TricksHow to increase the RAM memory of a desktop or laptop + Tips and Tricks Suscripciones de YouTubeHow to organize your YouTube subscriptions into categories + Tips and Tricks

Related News


Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /home/gamefeve/bitcoinminershashrate.com/wp-includes/functions.php on line 5420

Notice: ob_end_flush(): failed to send buffer of zlib output compression (1) in /home/gamefeve/bitcoinminershashrate.com/wp-includes/functions.php on line 5420