Security researchers recently discovered a zero-day vulnerability in the popular archiving tool 7-zip. 7-zip is a free-to-use, cross-platform tool which can compress and decompress files such as those in the .zip format. Similar tools include WinRAR and WinZip.

The vulnerability discovered in 7-zip is a zero-day vulnerability and is characterized as allowing privilege escalation and command execution. This means that a hacker who exploits it may gain administrative-level access to the device and run commands, for example to install more malware or execute other exploits. The vulnerability is specific to Windows, as the exploit relies on 7-zip’s interaction with the Windows help application, hh.exe. The GitHub user Kagancaper discovered the flaw, and it was found that Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help > Contents area.

Until 7-zip patches the software, security officials recommend that users delete the 7-zip.chm file, which will sufficiently close the vulnerability. Another method is to change the file permissions of the 7-zip software so that it has only read and run permissions, removing any write permissions it may have.
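
The following PowerShell script is an added example, not code from 7-zip or from the researcher, that audits both recommendations: it reports whether 7-zip.chm is still present and lists any account outside a trusted set that holds write access to the 7-zip folder or its files. The default install folder, the trusted SID list, and the reading of "read and run only" as "no write rights for unprivileged accounts" are assumptions.

```powershell
param(
    # Assumed install folder; pass the real one if 7-zip lives elsewhere.
    [string]$InstallDir = (Join-Path $env:ProgramFiles '7-Zip'),
    # When set, delete the help file (the first mitigation described above).
    [switch]$RemoveHelpFile
)

# Write-type rights, plus the raw GENERIC_WRITE / GENERIC_ALL bits that
# inherit-only ACEs sometimes carry instead of named rights.
$named     = [int][System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeBits = $named -bor 0x40000000 -bor 0x10000000

# Assumption: SIDs allowed to keep write access
# (SYSTEM, Administrators, CREATOR OWNER, TrustedInstaller).
$trusted = @('S-1-5-18', 'S-1-5-32-544', 'S-1-3-0',
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464')

function Get-WritableAce {
    param([string]$Path)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            ([int]$_.FileSystemRights -band $writeBits) -and
            ($trusted -notcontains $_.IdentityReference.Value)
        } |
        Select-Object @{n = 'Path'; e = { $Path }},
                      @{n = 'Sid';  e = { $_.IdentityReference.Value }},
                      FileSystemRights, IsInherited
}

if (-not (Test-Path -LiteralPath $InstallDir -PathType Container)) {
    Write-Warning "Folder not found: $InstallDir"
    return
}

# Mitigation 1: the help file named above should be absent.
$chm = Join-Path $InstallDir '7-zip.chm'
if (Test-Path -LiteralPath $chm) {
    if ($RemoveHelpFile) { Remove-Item -LiteralPath $chm -Force; "Removed $chm" }
    else { "Help file still present: $chm" }
} else { "Help file not present." }

# Mitigation 2: no unprivileged account should hold write rights.
$targets  = @($InstallDir) + @(Get-ChildItem -LiteralPath $InstallDir -File | ForEach-Object FullName)
$findings = $targets | ForEach-Object { Get-WritableAce -Path $_ }
if ($findings) { $findings | Format-Table -AutoSize } else { "No unexpected write access found." }
```

Without the `-RemoveHelpFile` switch the script only reports; deleting the file requires an elevated prompt.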

Although this vulnerability can be exploited by a hacker to elevate a user’s privileges to that of an Administrator, if you follow the above recommendations and keep your own anti-virus software running, this exploit would be incredibly rare to see in the wild. As mentioned above, there are several free-to-use compression tools which can be used within Windows, such as WinRAR.

What are Zero-Day Vulnerabilities?

A zero-day vulnerability is essentially a flaw in a piece of software which can be exploited to gain access to or change the functionality of the base software.  It is an unknown exploit that exposes vulnerabilities in software or hardware alike, and can create complex problems before anyone realizes anything is wrong.

A zero-day attack happens when that flaw or vulnerability is exploited by an attacker to release malware before a developer has an opportunity to create a fix for it, hence the name – zero-day.

Zero-day vulnerabilities are flaws that are as yet undiscovered, so defending against them can be difficult. It is best to cast a wide net when trying to keep your systems secure, and to keep in mind that there may always be an undiscovered bug that could be exploited by those with the right knowledge. Keeping critical software such as the Windows operating system and key software utilities up to date, and ensuring hardware firmware is current, are all great steps which can prevent hackers from exploiting vulnerabilities.

As a Managed IT Services company, Natural Networks can help keep your office technology up to date through patch management and 24/7 monitoring, ensuring your critical business systems are secure and up to date.

If you’re interested in learning more about how Managed IT Services can help keep your devices secure, give us a call today!