Notification

Icon
Error

7-Zip Arbitrary Code Execution Vulnerability

Posted: Friday, May 4, 2018 2:19:34 PM(UTC)
Esben.D

Esben.D

Member Administration Original PosterPosts: 1,982
6
Like
An arbitrary code execution vulnerability has recently been discovered in 7-Zip. By exploiting this arbitrary code execution, depending on the privileges of the user, an attacker can install programs; view, change, or delete data; or create new accounts with full user rights.
This topic outlines how you can deploy the fixed 7-Zip version. Using a report to check which machines have a vulnerable version of 7-Zip and the Lansweeper deployment module you can detect and update your vulnerable machines.

To make use of this guide make sure the following are in order:
If the requirements are in order, you can mass check and update all your vulnerable assets by doing the following:

1) Follow the instructions found in the Report Center to add the report to your Lansweeper installation.

2) Go to Deployment\Security Options and set up your package share and share user.

3) Follow the instructions found in the Installer Center to add the deployment to your Lansweeper installation and patch your assets.


7-Zip vulnerability
Esben.D
#1Esben.D Member Administration Original PosterPosts: 1,982  
posted: 5/4/2018 2:20:32 PM(UTC)
If you have any questions regarding the report or deployment package, please contact us via email at support@lansweeper.com

Active Discussions

Lansweeper local admin users of a specific device
by  kdunnett   Go to last post Go to first unread
Last post: Today at 9:30:26 PM(UTC)
Lansweeper Automated warranty check not working for HP
by  Erik.T  
Go to last post Go to first unread
Last post: Today at 5:40:25 PM(UTC)
Lansweeper Guide: Get Every Asset MAC Addresses From Every Subnet
by  Erik.T   Go to last post Go to first unread
Last post: Today at 5:38:15 PM(UTC)
Lansweeper Vcenter Scanning Credential
by  Erik.T  
Go to last post Go to first unread
Last post: Today at 5:33:58 PM(UTC)
Lansweeper SCCM Integration
by  Erik.T   Go to last post Go to first unread
Last post: Today at 5:29:26 PM(UTC)
Lansweeper SATA MODE REPORT
by  Erik.T  
Go to last post Go to first unread
Last post: Today at 5:20:37 PM(UTC)
Lansweeper Scanning - computer manufacturer shows as VPN though
by  Erik.T   Go to last post Go to first unread
Last post: Today at 5:14:34 PM(UTC)
Lansweeper Lastlogon / lastlogondate
by  Erik.T  
Go to last post Go to first unread
Last post: Today at 5:13:16 PM(UTC)