Date: 2022-04-19

Software loophole allows remote code execution with admin privileges

One of the most famous file compressors in the world, 7-Zip carries a 0-day vulnerability that could grant admin privileges to an attacker. What makes the threat especially serious is not just the fact that it is being actively used, but also its ability to allow a person to remotely run code on infected machines.

Although the compression software is available for many systems, it appears that the error, identified as CVE-2022-29072, only affects Windows users at this time. Responsible for the discovery, GitHub user Kagancapar published in detail how the flaw works and made a video demonstrating how it can be exploited.

According to the researcher, 7-Zip developers are not fully responsible for the failure, which can be attributed to the way the help system in Windows works. For the breach to work, an attacker just needs to create a special file with the .7z extension, which, when dragged over the program’s help screen, ensures the ability to run code on the system with administrator privileges.

Flaw increases system privileges

Kagancapar explains that the responsibility of the creators of 7-Zip arises when, after the file is dragged, the executable ends up gaining several access privileges, which shouldn’t happen. The flaw affects all versions of the program for Windows, including the latest (21.97), which has yet to receive a patch.

To prevent the loophole from being used, it is possible to delete the 7-zip.chm file in the software installation folder or to restrict its read and write permissions. In the latter case, the configuration must be applied for all users who have access to the machine to ensure its protection.
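
The two workarounds above as a PowerShell script, added here as an example (it is not from the researcher or the 7-Zip project). It assumes an elevated prompt; the parameter names are hypothetical and the installation folder is supplied by the operator. A single deny entry for the Everyone group covers all users of the machine at once.

```powershell
# Added example: apply the 7-zip.chm workaround described in the article.
param(
    [Parameter(Mandatory)] [string] $InstallDir,  # 7-Zip installation folder (operator-supplied)
    [switch] $Delete                              # delete the help file instead of locking it
)

$chm = Join-Path $InstallDir '7-zip.chm'
if (-not (Test-Path -LiteralPath $chm -PathType Leaf)) {
    Write-Output "No 7-zip.chm found in $InstallDir; nothing to do."
    return
}

if ($Delete) {
    # Workaround 1: remove the help file entirely.
    Remove-Item -LiteralPath $chm -Force
    Write-Output "Deleted $chm"
    return
}

# Workaround 2: deny reading and writing the file's data to Everyone (S-1-1-0).
# Deny entries are evaluated before allow entries, so this applies to every
# account, administrators included. Attribute and ACL reads stay allowed so
# the restriction can still be inspected and reverted later.
$everyone = New-Object System.Security.Principal.SecurityIdentifier('S-1-1-0')
$rights   = [System.Security.AccessControl.FileSystemRights]'ReadData, WriteData, AppendData'
$rule     = New-Object System.Security.AccessControl.FileSystemAccessRule(
                $everyone, $rights, [System.Security.AccessControl.AccessControlType]::Deny)

$acl = Get-Acl -LiteralPath $chm
$acl.AddAccessRule($rule)
Set-Acl -LiteralPath $chm -AclObject $acl

# Verify: opening the file for reading must now fail.
try {
    [System.IO.File]::OpenRead($chm).Dispose()
    Write-Warning "$chm is still readable; check the ACL."
} catch [System.UnauthorizedAccessException] {
    Write-Output "$chm is no longer readable or writable."
}
```

A reinstall or upgrade of 7-Zip may put the help file back with default permissions, so the check is worth repeating after any update.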



While those responsible for the software have not yet officially commented on the matter, the fact that the flaw has become public should encourage a quick release of a patch. Launched in 1999, the application emerged as a free and faster alternative to famous programs such as WinRAR and is available in 89 languages for Windows, BSD, macOS, Linux and ReactOS.

