7-Zip security update

Number: AV18-078
Date: 11 May 2018

Purpose

The purpose of this advisory is to bring attention to a security update released by 7-Zip.

Assessment

7-Zip has released a product update addressing a security vulnerability where a remote user can create a file that, when processed by the target user or application, will execute arbitrary code on the target system.

Affected Products:

7-Zip versions prior to 18.05

CVE References: CVE-2018-10115

Suggested action

CCIRC recommends that system administrators test and deploy the vendor released updates on affected platforms accordingly.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-10115
https://nakedsecurity.sophos.com/2018/05/09/critical-bug-in-7-zip-make-sure-youre-up-to-date/

Date modified:: 2018-09-26

Language selection

Search

Purpose

Assessment

Suggested action

References

Note to readers

7-Zip security update

Purpose

Assessment

Suggested action

References