Security10.05.2018

Critical security bug found in 7-Zip

7-zip 7zip

7-Zip has released a patch for a critical security bug (CVE-2018-10115) in the code which allows it to handle RAR files, Sophos reported.

The security researcher who found the bug, and developed a working exploit for it, has subsequently published his findings.

According to the researcher, there were several uninitialised variables in the UnRAR code, as used by 7-Zip, making it possible to create a RAR archive file that would cause 7-Zip to execute malicious code hidden in the data part of the file.

Building a working exploit was easier than it could have been, as 7-Zip was made without support for address space layout randomisation (ASLR).

This means 7-Zip tools would always load into the same memory addresses, making it simpler for attackers to predict where certain fragments of executable code would be loaded.

7-Zip has patched the uninitialised variable vulnerability and enabled ASLR. The fixes are available from 7-Zip version 18.05.

Now read: Update for Ubuntu 16.04 LTS patches security vulnerabilities

Show comments

Latest news

More news

Trending news

Poll

Which online clothing store do you prefer?

View Results

Loading ... Loading ...
Sign up to the MyBroadband newsletter