Researchers have discovered a critical security flaw in WinZip 24 that targets users with malware. WinZip trial popup vulnerability allows hackers to perform arbitrary code execution and DNS poisoning. When WinZip displays prompt informing about the expiry of the free trial and sends requests for checking updates, it communicates in plaintext over HTTP instead of HTTPS; the vulnerability has been reported to exist in the way WinZip communicated with its servers, making it susceptible to exploits by a malicious actor who delivered malware through the same. WinZip is free to download ZIP tool program that is used to compress and decompress files easily. It enables users to zip and unzip almost all file formats including zip, tar, rar, and etc. However, the tool is available online free for a trial period, and to continue availing its services fully, users need to purchase a license for which the tool checks software status for users over a period of time, repeatedly. Once it detects the trial period being expired, the software displays a prompt using the abovementioned way of communication: That is where the bug was found. It was in between that attackers could intercept the traffic and intervene in the communicated text and adding an infected WinZip version. Furthermore, the users' concerns are aggravated by the fact that the update request also contains personal data of the user such as 'registered username', 'registration code', and other required information for the processing of the request. This information could also be accessed by the attacker meddling with the trial popup. "WinZip 24 opens pop-up windows time to time when running in Trial mode. Since the content of these popups is ..
Support the originator by clicking the read the rest link below.
