Older Free Versions Of WinZip May Have Security Vulnerabilities

December 24, 2020

Written by wukovits

Hackers have found yet another possible inroad they can use to infect the machines of unsuspecting users.

This time, they’re infecting older versions of WinZip.

If there’s one utility that’s nearly as ubiquitous as Adobe’s Acrobat Reader, it would probably be WinZip.

In the 30+ years since its initial release, the handy tool has seen variants that are compatible with macOS, Android, iOS, all versions of Windows, and a few others. All told, it boasts more than a billion downloads, and that, of course, doesn’t count the legions of people who got a copy from a friend. In short, it’s a utility you can find on a majority of PCs and tablets running today. It’s everywhere, and that’s part of the problem.

The current version of WinZip is 25, but only a small minority of users are utilizing the latest build, and unfortunately, older versions check the server for updates via an un-encrypted connection, which is a weakness all too easy for hackers to exploit.

Basically, if a hacker inserts himself into the update process, he can execute any arbitrary code he wants, and the machine will assume it’s a WinZip update. Unfortunately, the only solution to the issue is to upgrade to WinZip 25, but where prior editions of the utility have been free, the latest WinZip update is paid. You’ll need to shell out just over $35 for the basic version or just under $60 for the “Pro” version and that’s pricey, especially when there are good free variants like 7Zip that can be found.

The bottom line though, is that if you’re using an older version of WinZip, you should be aware that every time the utility scans for an update, you open a door, even if only briefly, that may allow a watchful hacker access to devices on your network, and that’s a problem.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

New Graphene Technology May Increase Hard Drive Storage

HDDs are old, well understood technology. They haven't changed much in recent years. In fact, increasingly, people are writing them off, preferring SSDs for their greater speed and smaller size, even though HDDs are less expensive. The clever folks at the University...

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Send us a message

Your message was sent.