WinZip security flaws

Printable View

Show 40 post(s) from this thread on one page

September 7th, 2004, 12:26 AM
fyrewall

WinZip security flaws

For those of us that use WinZip (probably a lot of us)

http://www.eweek.com/article2/0,1759,1642408,00.asp

Quote:

WinZip Computing Inc. recently revealed that Version 9.0 of its popular WinZip file compression program is vulnerable to a variety of security attacks. The company has released a "Service Release 1" to address the security problems.

Quote:

The WinZip advisory states that "a number of general internal improvements have been made to the WinZip program to enhance security and reliability." According to the company, the vulnerabilities were found in the course of an internal review and there is no report that any of the problems have been exploited.

Just goes to show that everything can be exploited...

:)
September 7th, 2004, 12:51 AM
Spyder32

Yeah, I use WinZip and lately I've been pretty shocked at the number of exploits and vulnerabilities in it. I mean, for a zipping utility you would think it wouldn't have too many exploits. *sighs*
September 7th, 2004, 01:28 AM
AxessTerminated

WinZip? Pfft. I suggest you kiddies move on to big-boy stuff. May I suggest www.7-zip.org? It makes ZIP files better than WinZip does! Also, it has an incredible 7z compression. It decompresses like 13 formats or so. And compresses in 3 or 4, along with all the little tweaks you can do with the dictionary size and memory usage type of stuff.

A_T
September 7th, 2004, 01:34 AM
fyrewall

I was posting it as it is the most popular of compression software .. therefor it will affect the most people.. It was for information purposes, I was not stating what compressions software people should or should not use, nor was I asking what is the best software...
September 7th, 2004, 01:57 AM
Und3ertak3r

dambed.. I am sure I have seen this before..

I am certain that a post on this site mentioned a flaw in Winzip that had been there since about version 6 ,, that allowed code to execute on openinig a zip archive.... code sites have been bragging for ages... but it was only with an update of V9 that fixed the problem.. that the winzip ppl finaly admitted that there was a problem..

uh can't find it .. sure it was on AO.. well must been somewhere else.. it is months old the item..

Cheers

BTW: What programm doesn't have a hole or 500 waiting to be exploited..?.
January 2nd, 2005, 01:07 AM
secure_labs

I've been using 7 zip because WinZip has failed to many times. Could be security related, I don't know. I do know that after making a pretty simple zip of some pics to email my agent; Winzip wouldn't open the zip it had just made. (i'm very anal and tend to test and re-test everything I do)
Several of the other archives I had were also corupted.
January 2nd, 2005, 01:09 AM
a morning chill

What happened to good 'ol winrar fans? Handles everything from tgz to zip, rar to cab, and another 25 different formats. With a free version and a MUCH higher compression ratio than winzip, I can't believe people are still sticking with winzip.
January 2nd, 2005, 02:03 AM
zencoder

Quote:

Originally posted here by a morning chill
What happened to good 'ol winrar fans? Handles everything from tgz to zip, rar to cab, and another 25 different formats. With a free version and a MUCH higher compression ratio than winzip, I can't believe people are still sticking with winzip.

HERE HERE! Damn them all! A full return to COMPRESS and TAR, I say! Who needs a GUI?!? :p

// Mods: sorry, blatant fun-filled troll comment. :(
January 2nd, 2005, 02:48 AM
secure_labs

but that just wouldn't be pretty enough. graphics are the other half of my world. without them I might have to get a real job and actually talk to people. in person!
January 2nd, 2005, 06:39 PM
scratchONtheBOX

Everything can or may be exploited!

Yeah right! I agree that everything can be exploited, better be ready at all times! So, there is no such thing as maximum security after all?!?

Show 40 post(s) from this thread on one page