WinZip security flaws

[fyrewall]

For those of us that use WinZip (probably a lot of us)

http://www.eweek.com/article2/0,1759,1642408,00.asp

WinZip Computing Inc. recently revealed that Version 9.0 of its popular WinZip file compression program is vulnerable to a variety of security attacks. The company has released a "Service Release 1" to address the security problems.

The WinZip advisory states that "a number of general internal improvements have been made to the WinZip program to enhance security and reliability." According to the company, the vulnerabilities were found in the course of an internal review and there is no report that any of the problems have been exploited.

Just goes to show that everything can be exploited...

[Spyder32]

Yeah, I use WinZip and lately I've been pretty shocked at the number of exploits and vulnerabilities in it. I mean, for a zipping utility you would think it wouldn't have too many exploits. *sighs*

[AxessTerminated]

WinZip? Pfft. I suggest you kiddies move on to big-boy stuff. May I suggest www.7-zip.org? It makes ZIP files better than WinZip does! Also, it has an incredible 7z compression. It decompresses like 13 formats or so. And compresses in 3 or 4, along with all the little tweaks you can do with the dictionary size and memory usage type of stuff.

A_T

[fyrewall]

I was posting it as it is the most popular of compression software .. therefor it will affect the most people.. It was for information purposes, I was not stating what compressions software people should or should not use, nor was I asking what is the best software...

[Und3ertak3r]

dambed.. I am sure I have seen this before..

I am certain that a post on this site mentioned a flaw in Winzip that had been there since about version 6 ,, that allowed code to execute on openinig a zip archive.... code sites have been bragging for ages... but it was only with an update of V9 that fixed the problem.. that the winzip ppl finaly admitted that there was a problem..

uh can't find it .. sure it was on AO.. well must been somewhere else.. it is months old the item..

Cheers

BTW: What programm doesn't have a hole or 500 waiting to be exploited..?.

[secure_labs]

I've been using 7 zip because WinZip has failed to many times. Could be security related, I don't know. I do know that after making a pretty simple zip of some pics to email my agent; Winzip wouldn't open the zip it had just made. (i'm very anal and tend to test and re-test everything I do)
Several of the other archives I had were also corupted.

[a morning chill]

What happened to good 'ol winrar fans? Handles everything from tgz to zip, rar to cab, and another 25 different formats. With a free version and a MUCH higher compression ratio than winzip, I can't believe people are still sticking with winzip.

[zencoder]

Originally posted here by a morning chill
What happened to good 'ol winrar fans? Handles everything from tgz to zip, rar to cab, and another 25 different formats. With a free version and a MUCH higher compression ratio than winzip, I can't believe people are still sticking with winzip.

HERE HERE! Damn them all! A full return to COMPRESS and TAR, I say! Who needs a GUI?!?

// Mods: sorry, blatant fun-filled troll comment.

[secure_labs]

but that just wouldn't be pretty enough. graphics are the other half of my world. without them I might have to get a real job and actually talk to people. in person!

[scratchONtheBOX]

Yeah right! I agree that everything can be exploited, better be ready at all times! So, there is no such thing as maximum security after all?!?