Friday, May 23, 2008

7 zip vulnerabilities

Since 7 Zip has almost become a standard piece of software I thought it prudent to look up any issues with it.

I found this article below:

The solution is to upgrade to v4.57 which is the latest version (2007-12-06):

Affected Products

7-ZIP versions prior to 4.57

The current beta version of 7 zip is 4.58 dated 2008-05-05
4.58 beta      2008-05-05


- Some speed optimizations.

- 7-Zip now can unpack .lzma archives.

- Unicode (UTF-8) support for filenames in .ZIP archives. Now there are 3 modes:

1) Default mode: 7-Zip uses UTF-8, if the local code page doesn't contain required symbols.

2) -mcu switch: 7-Zip uses UTF-8, if there are non-ASCII symbols.

3) -mcl switch: 7-Zip uses local code page.

- Now it's possible to store file creation time in 7z and ZIP archives (-mtc switch).

- 7-Zip now can unpack multivolume RAR archives created with

"old style volume names" scheme and names *.001, *.002, ...

- Now it's possible to use -mSW- and -mSW+ switches instead of -mSW=off and -mSW=on

- Some bugs were fixed.

- New localizations: Punjabi (Indian), Pashto.

It is important that we make sure all workstations are on the latest non-beta version, 4.57.

Daniel Rodriguez

No comments: