What makes the threat particularly dangerous is not just because it is being utilized, but also because it allows a person to remotely execute malware on an computer.
7-zip, one of the world’s most popular file compressors, contains a zero-day vulnerability that might allow an attacker to get administrator access. Although compression software is available for many platforms, it appears that the CVE-2022-29072 flaw now affects just Windows users. The discoverer, a GitHub user called Kagancapar, detailed how the weakness works and provided a video illustrating how it may be abused. According to the researcher, the problem, which may be ascribed to the way the Windows assistance system works, is not solely the responsibility of the 7-Zip creators. An attacker just has to generate a file with the.7z extension, which, when dragged onto the program’s help page, offers the ability to execute code on the system with administrator rights.
According to Kangacapar, the obligation of the designers of 7-Zip comes when, after dragging the file, the executable ends up with certain access capabilities that it should not have. The issue affects all Windows versions of the application, including the most recent (21.97), which has yet to be patched.
To protect yourself, remove the 7-zip.chm file from the program installation location or restrict its read and write rights. In the latter instance, the setting must be performed on all users who have access to the computer in order to ensure its security. Commenting on the issue, the fact that the problem has been made public should encourage the deployment of a remedy as soon as possible. The tool was released in 1999 as a free alternative to popular alternatives such as WinRAR and is now available in 89 languages for Windows, BSD, MacOS, Linux, and ReactOS.