High Risk 7-Zip Vulnerability Threat Discovered
7-Zip Vulnerability Could Allow for Arbitrary Code ExecutionA vulnerability has been discovered in 7-Zip versions prior to 18.05, which could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights. There are currently no reports of this vulnerability being exploited in the wild.
The SolutionUsing a report to check which machines have a vulnerable version of 7-Zip and the Lansweeper deployment module, you can detect and update your vulnerable machines in no time.
- Run this report that identifies computers running a vulnerable 7-Zip installation.
- Based on the report output, run this deployment package to update these installations.