A zero-day vulnerability has been found in the popular open-source archiving program 7-Zip. The vulnerability has been characterized as allowing privilege escalation and command execution, meaning that someone with limited access to your system could gain administrator access.
The vulnerability was discovered by researcher Kağan Çapar and is designated CVE-2022-29072. The CVE-2022-29072 description states: “Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.”
This vulnerability affects Windows users running version 21.07, the latest version as of now. It is triggered by dropping a specially crafted file with a .7z extension (mimicking the 7-Zip archive extension) onto the 7-Zip help window. This causes a heap overflow in 7zFM.exe and results in privilege elevation.
As of now the current version of 7-Zip for Windows, v21.07, is not patched for this vulnerability, but you can do the following to mitigate the issue:
- Open the 7-Zip installation directory: C:\Program Files\7-Zip for the 64-bit version of the application, or C:\Program Files (x86)\7-Zip for the 32-bit version.
- Locate the 7-Zip.chm file and delete it by pressing Shift+Delete, then click Yes. If you get a File Access Denied prompt, simply select Continue.
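The same mitigation as a script, added here as an example and not taken from the original post or from the 7-Zip project: it checks both install directories named above, reports the installed 7zFM.exe version, and deletes 7-Zip.chm only when run with -Remove. The install paths and the use of the 7zFM.exe ProductVersion field as the version check are assumptions.

```powershell
# Added mitigation check for CVE-2022-29072 (not from the original post).
# Looks for 7-Zip.chm in the two standard install directories, reports the
# installed 7zFM.exe version, and optionally deletes the help file.
# Run from an elevated PowerShell prompt so the delete does not hit Access Denied.
param(
    [switch]$Remove   # without -Remove the script only reports
)

$installDirs = @(
    "$env:ProgramFiles\7-Zip",          # 64-bit build (assumed default path)
    "${env:ProgramFiles(x86)}\7-Zip"    # 32-bit build (assumed default path)
)

foreach ($dir in $installDirs) {
    if (-not (Test-Path -LiteralPath $dir)) { continue }

    $fm  = Join-Path $dir '7zFM.exe'
    $chm = Join-Path $dir '7-Zip.chm'

    # ProductVersion of 7zFM.exe shows whether this is the affected 21.07 build
    $version = if (Test-Path -LiteralPath $fm) {
        (Get-Item -LiteralPath $fm).VersionInfo.ProductVersion
    } else { 'unknown' }
    Write-Host "[$dir] 7zFM.exe version: $version"

    if (-not (Test-Path -LiteralPath $chm)) {
        Write-Host "[$dir] 7-Zip.chm not present - help-window mitigation already applied"
        continue
    }

    if ($Remove) {
        # -Force covers the read-only/access-denied case mentioned in the post;
        # Remove-Item bypasses the Recycle Bin, like Shift+Delete.
        Remove-Item -LiteralPath $chm -Force -ErrorAction Stop
        Write-Host "[$dir] deleted 7-Zip.chm"
    } else {
        Write-Host "[$dir] 7-Zip.chm present - re-run with -Remove to delete it"
    }
}
```

Deleting the .chm file only disables the Help > Contents viewer; archive creation and extraction keep working.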