The free 7-Zip archiver has a serious security hole, which is why unscrupulous hackers gain the opportunity to get unlimited access to a PC.
The full description of the find is posted on the GitHub portal. It says that the CVE-2022-29072 vulnerability opens up for local users the ability to own SYSTEM-level privileges, as a result of which it is possible to manipulate the operating system on behalf of the administrator. The vulnerability is based on a failure of the access rights settings of the 7z.dll library in the program code. The description also states that the vulnerability exists in every version of 7-Zip, and it is used by almost half a billion users worldwide.
To get administrator rights and full access, you only need to transfer the .7z file viruses to the Help - Contents interface. The help page of the archiver is initially launched using HTML Helper (hh.exe), however, after entering extraneous code, due to buffer overflow, the command line becomes available to the program on behalf of the administrator.
The creators of 7-Zip, in turn, refused to acknowledge the presence of the vulnerability. They believe that the mechanism is purely related to the operation of the hh.exe program. To protect the system, they advise deleting the 7-zip.chm help file located in the C:\Program Files\7-Zip or C:\Program Files(x86)\7-Zip room. Also, PC owners can set up restrictions on the rights of local accounts, allowing them only to run and read the executable file of the archiver.
The full description of the find is posted on the GitHub portal. It says that the CVE-2022-29072 vulnerability opens up for local users the ability to own SYSTEM-level privileges, as a result of which it is possible to manipulate the operating system on behalf of the administrator. The vulnerability is based on a failure of the access rights settings of the 7z.dll library in the program code. The description also states that the vulnerability exists in every version of 7-Zip, and it is used by almost half a billion users worldwide.
To get administrator rights and full access, you only need to transfer the .7z file viruses to the Help - Contents interface. The help page of the archiver is initially launched using HTML Helper (hh.exe), however, after entering extraneous code, due to buffer overflow, the command line becomes available to the program on behalf of the administrator.
The creators of 7-Zip, in turn, refused to acknowledge the presence of the vulnerability. They believe that the mechanism is purely related to the operation of the hh.exe program. To protect the system, they advise deleting the 7-zip.chm help file located in the C:\Program Files\7-Zip or C:\Program Files(x86)\7-Zip room. Also, PC owners can set up restrictions on the rights of local accounts, allowing them only to run and read the executable file of the archiver.
Login or register to post comments
Comments 0