This fan-favorite Windows application is vulnerable to various malware attacks

Cybersecurity solution provider Trustwave has identified a number of vulnerabilities in the WinZip file compression software that could be used to inject malware into a user’s device. The flaws reside in the communication channel between the WinZip client and its server.

According to Trustwave, some versions of WinZip communicate with the server via an unencrypted connection when looking for updates, sending requests in cleartext. 

As a result, the HTTP connection can easily be taken over by a threat actor and used as a way of stealthily inserting malware.

“Since HTTP is unencrypted cleartext, it can be grabbed, manipulated, or hijacked by anyone with the ability to see that traffic,” Martin Rakhmanov, security research manager at Trustwave’s SpiderLabs team, explained.

“This means anyone on the same network as a user running a vulnerable version of WinZip can use techniques like DNS poisoning to trick the application to fetch ‘update’ files from a malicious web server instead of a legitimate WinZip update host. As a result, unsuspecting users can launch arbitrary code as if it is a valid update.”

Threat mitigation

Other issues were also discovered by Trustwave researchers. For example, WinZip sends potentially sensitive information, including usernames and registration codes, over the same unencrypted channel when sending update requests. This means that an attacker could easily gain access to this information too.

Furthermore, in WinZip version 24 (the program has since been updated), pop-up windows that appear during Trial mode could easily be manipulated by a network-adjacent attacker. It would therefore be possible to execute arbitrary code that appears to have come directly from WinZip servers.

The easiest way for users to safeguard themselves against these malware attacks is to upgrade to WinZip 25, as this version uses HTTPS for its server communications. If an upgrade is out of the question, users should disable automatic update checks to stay safe.
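For administrators who need to find machines that still require the upgrade, the cleartext traffic described above is visible in web proxy logs. The following is an added example, not code from Trustwave or WinZip: it flags plain-HTTP requests that carry identifier-style parameters or fetch executables. The log format, host names, parameter names and user agents are constructed placeholders, not WinZip's real ones.

```python
from urllib.parse import urlsplit, parse_qsl

# Constructed proxy log lines: "<client_ip> <method> <url> <user_agent>".
# Every host, path, parameter name and user agent here is a placeholder.
SAMPLE_LOG = """\
10.0.0.12 GET http://updates.example.test/check?ver=24.0&user=alice&regcode=ABCDE-12345 ExampleZip/24
10.0.0.15 GET https://updates.example.test/check?ver=25.0&user=bob&regcode=ZZZZZ-99999 ExampleZip/25
10.0.0.12 GET http://updates.example.test/files/setup.exe ExampleZip/24
10.0.0.20 GET http://news.example.test/index.html?page=2 Browser/1.0
"""

# Assumed parameter names for usernames and registration codes.
SENSITIVE_KEYS = {"user", "username", "regcode", "serial", "license"}
EXECUTABLE_EXT = (".exe", ".msi", ".dll")


def audit_line(line):
    """Return findings for one log line (empty list if clean or unparsable)."""
    parts = line.split(maxsplit=3)
    if len(parts) < 3:
        return []
    client, _method, url = parts[:3]
    u = urlsplit(url)
    if u.scheme.lower() != "http":  # HTTPS requests are not readable on the wire
        return []
    findings = []
    keys = {k.lower() for k, _ in parse_qsl(u.query, keep_blank_values=True)}
    leaked = sorted(keys & SENSITIVE_KEYS)
    if leaked:
        # Report parameter names only, so the report does not copy the secrets.
        findings.append((client, u.hostname, "cleartext-identifiers", ",".join(leaked)))
    if u.path.lower().endswith(EXECUTABLE_EXT):
        findings.append((client, u.hostname, "cleartext-executable-download", u.path))
    return findings


def audit(log_text):
    """Audit every line of a log and return all findings in order."""
    out = []
    for line in log_text.splitlines():
        out.extend(audit_line(line))
    return out


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(*finding, sep="\t")
```

Clients that appear in the output are candidates for the upgrade to WinZip 25 or for having automatic update checks disabled.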

Date

11 Dec 2020
