Security vulnerabilities in 7-Zip published [31.08.23]
As part of the zero-day initiative, two vulnerabilities rated as high were published on 23.08.2023. These were already closed with the update 23.00 on 14.06.2023. With both vulnerabilities, malicious program code can already be executed if only an archive or a web page is opened. The problem is that 7-Zip does not automatically update the software. Users and administrators must ensure that they are using a current version (23.0.1) that no longer contains these vulnerabilities.
Further information can be found e.g. at heise.de.
If you have any questions, please contact kim-it@uni-hohenheim.de.
Do you have questions or comments about this site? contact form