7-zip Major Vulnerability (meet Cisco Systems)

townsend (16edit_vul)

Seems was fixed at major update. Please leave comments. Thank you in Advance.

Although no crypto vulns were reported its not good news. This is why you should only trust the gold standard encryption wares like GPG.

1 Like

which compression format is safest to use i.e. least amount of risk that extraction can run some type of exploit?

1 Like

IIUC no archive format, with or without compression, has built-in code execution functionality.

Risks lie with the programs used to handle the archives. If you read OP’s link, you’ll see that the vulnerabilities were with the way 7-zip handles UDF and HFS+ files, not the archive formats themselves.

[Imprint] [Privacy Policy] [Cookie Policy] [Terms of Use] [E-Sign Consent] [DMCA] [Contributors] [Investors] [Priority Support] [Professional Support]