
Vulnerabilities found in WinZip

By Bill Brenner, News Writer
08 Sep 2004 | SearchWindowsSecurity.com


An attacker could potentially exploit unspecified buffer overflow vulnerabilities in WinZip to execute arbitrary code or gain access to systems, SecurityTracker said in an advisory.

The Silver Spring, Md.-based vulnerability watchdog said the flaws affect WinZip 9.0 and prior versions. WinZip is a file-compression utility for Windows. The advisory said the flaws could be exploited to execute arbitrary code and gain user access via a local system or network.

"When you're able to execute arbitrary code, you can do anything," said Michael Haisley, a handler for the Bethesda, Md.-based Internet Storm Center, a service of the SANS Institute. "In the past, zip files were considered safe. That has proven not to be the case."

Haisley noted that vulnerabilities in WinZip were also discovered back in February. While there's no indication that the latest flaws have been exploited, he warned this is the type of flaw attackers traditionally use to launch malicious code. His advice to users: "Keep your antivirus software as updated as possible and don't open files you're not expecting."

Mansfield, Conn.-based WinZip Computing Inc. reported that it discovered the problems during an internal review of the WinZip code, SecurityTracker said. The company has since upgraded version 9.0 to fix the vulnerabilities.

In a message on its Web site, the Internet Storm Center reiterated the importance of keeping up with new security updates.

"Vulnerabilities in very popular third-party software products should be a significant concern for organizations that have not deployed comprehensive patch-management solutions," the storm center said. "Configuring systems to automate the process of installing patches for Microsoft products is a welcome feature, but does not adequately address third-party software. Other examples of recent vulnerabilities in third-party software include Adobe Acrobat Reader, Sun Java Runtime Engine and AOL Instant Messenger."

This article originally appeared on SearchSecurity.com.


