WinZip Warns of Security Flaws
Posted by configure on 04 October 2004 - 06:49 · 30 comments & 5755 views
About the Author
Full name: Unknown
Forum name:
configure
Contact: via forum PM
Submissions: Normal · Headline
Full name: Unknown
Forum name:
configureContact: via forum PM
Submissions: Normal · Headline
Slashdot It!
Submit to reddit
Submit to blinklist
Bookmark on del.icio.us
Add to furl
Share on Facebook
Add to Windows Live
Add to Google- Advertisement
-
-
(4 replies)
#1 Posted by shrike on 04 Oct 2004 - 06:56
- USE WINRAR
-
#1.2 Posted by LampkinsMateSteve on 04 Oct 2004 - 10:43
- Yup, especailly now that Winzip has moved from being simply nagware.
-
#2 Posted by zipgenius on 04 Oct 2004 - 07:02
- Maybe this? (Google translated into english)
My article at www.wininizio.it
-
(2 replies)
#3 Posted by Ramses on 04 Oct 2004 - 07:03
- What is it with all those software companies?
It seems that every major software company releases programs that contain vulnnerabilites to give a hacker access to your computer...
-
#3.1 Posted by jkinzer on 04 Oct 2004 - 09:51
- As long as humans write code, programs will have vulnerabilities and bugs. It's just next to impossible to predict every possible scenario that could be exploited, let alone to write completely bug-free code.
-
#3.2 Posted by neufuse on 04 Oct 2004 - 12:01
- whats with them? It's the nature of programming... for every one way you cover there is 2^n ways to break it... which pretty much comes down to if you cover one path there is infinaite ways to get around it... it just takes time to figure out all the alternative paths
yes infinite is an exageration, but it comes down to you can never make software secure, it will never have zero errors or bugs, you can approach zero but never reach it
-
#4 Posted by Longhorn_2004 on 04 Oct 2004 - 07:03
- yeah winrar ownz
-
(1 reply)
#5 Posted by Phantom Helix™ on 04 Oct 2004 - 07:23
- the reason highly popular siftware is usually shown to demonstrate security vulnerablities is because more people want to be known for taking down the "Big" guy.
think about, if MS went backrupt tomarrow (alot of people would be happy i know) and completely stopped supporting thier software people would eventually move to Linux, mac or some other supplier.
if that happend someone would become the big guy wether in the same fashion as MS or not, but then once common place those systems would then be uinder constant attack and all you who said MS was **** because your software had no holes will now be crying for "the good ole days"
so IMHO you can all stick a crusty sock up your butt and twist it sideways real HARD lmfao
oh and 7Zip Pwnes ALL!!! -
#5.1 Posted by xinok on 04 Oct 2004 - 08:10
- I think actually security research groups were the ones that found the flaws, not the hackers. But as you were saying, they only found the flaw because Winzip is probably the most popular archiver available. They won't bother analyzing software that all of 100 people use.
-
#6 Posted by moua on 04 Oct 2004 - 10:51
- While no exploits are known to be circulating
That's wrong i saw the flaws when i was downloading somzs zip (with cracks.. yes i know it's bad),
since that winzip print the content of any opened zip.
And kaspersky didn't show anything.
With the new winzip there no more problem.
But from now, when a compagny said "there no exploit know on our product, even with a very big flaw" i dont belive thems
-
(1 reply)
#7 Posted by joker999 on 04 Oct 2004 - 12:00
- lol @ winzip
winrar owned
-
#8 Posted by Hexlord on 04 Oct 2004 - 12:12
- But surely if Winrar is the dominant product, more bugs will be revealed?
-
#10 Posted by dcook32p on 04 Oct 2004 - 12:36
- This news is over one month old. Here is the Secunia vulnerability page:
http://secunia.com/advisories/12430/
At the time it was published, there were no known exploits. As one poster has already noted, there are a few in the wild now.
Edit: Made the vulnerability page hyperlinked.
-
(1 reply)
#11 Posted by kyro on 04 Oct 2004 - 12:44
- *snipped* - Troll
Last edited by 52 on 04 Oct 2004 - 13:36
-
#12 Posted by NinjaOfLove on 04 Oct 2004 - 12:46
- *snipped* - OT
Last edited by 52 on 04 Oct 2004 - 13:36
-
(1 reply)
#13 Posted by 8-n-1 on 04 Oct 2004 - 13:04
- ... or TugZip...
-
#13.1 Posted by Jugalator on 04 Oct 2004 - 14:05
- That one is looking good.
I've been looking for an archiver to create 7Z while avoiding its horrible GUI (or rather -- lack of), but so far been unsuccessful. Came close with some of them, but it's always stuff like crappy shell extensions or an awkward GUI that ruins it...
This one looks clean and good though.
-
#14 Posted by McFly on 04 Oct 2004 - 13:52
- PowerArchiver all the way!
-
#15 Posted by nienor on 04 Oct 2004 - 14:11
- ...
Okay. I don't use it.
But is it the same thing as the integrated un-zip in XP?
it can be dangerous this...
a lot of people use it again.......
-
#16 Posted by goatsniffer on 04 Oct 2004 - 15:14
- I dont; know about you, but this seems like a lie. To me it's a push to get everyone to be using a WinZip with the new enhanced compression to make that their new standard...
-
(2 replies)
#17 Posted by Cyranthus on 04 Oct 2004 - 15:24
- i dont use winzip, XP has an integrated zip reader... whats the use of an extra zip reader when its already built on? this doesn't affect that does it?
-
#17.2 Posted by sard on 05 Oct 2004 - 09:36
- The integrated ZIP support in XP is horrible. It can’t even cope with extracting files from nested archives. Winrar all the way baby. I just wish they would include support for creating 7zip archives but I suppose they don’t want to rival their own RAR format.
-
#18 Posted by Another_Paul on 04 Oct 2004 - 18:04
- Everything has holes! Even my cheese
The compression/decompression tool is one of the most widely used pieces of software on the Windows platform.
WinZip versions 3.x, 6.x, 7.x, 8.x, and 9.x contain vulnerabilities that could allow an attacker to execute malicious code on a Windows PC, the vendor warns. In an advisory this week, Danish security firm Secunia gives the bugs a "highly critical" rating, the fourth-highest out of its five severity levels.
While no exploits are known to be circulating, the wide deployment of WinZip makes the vulnerabilities important to patch immediately, WinZip says. Users of older WinZip versions must upgrade to version 9.x in order to get the fix, which is contained in WinZip 9.0 Service Release 1 (SR1). "WinZip Computing recommends that all WinZip users upgrade to WinZip 9.0 SR1 to avoid the possibility of future exploitation of these vulnerabilities," the company says.
Cont...
Adventures Cut Short
There was a time when point-and-click adventures were the most popular genre of computer game. Emerging out of the days of text adventures like Zork, graphical adventure games such as King's Quest and Leisure Suit Larry challenged players to find and use items to solve puzzles, usually through mastery of a set of text commands. Later, as a new, strange input device known as the "mouse" came into wide use, new entries in the genre replaced typing with pointing, dragging, and clicking.
LucasArts soon got into the act with titles of its own, revolutionizing the genre with creative, edgy, and hilarious adventures like Maniac Mansion and The Secret of Monkey Island, not to mention Sam & Max Hit the Road, which was based on an indie comic by Steve Purcell about a rabbit-and-dog team of "freelance police."
Considered one of the best--if not the best--in the genre, Sam & Max featured beautiful cartoonlike graphics and razor-sharp wit, and it seemed at the time to herald a new, exciting future for the genre. It turned out to be right at the end of it. The near-universal shift to 3D graphics spelled doom for the genre. King's Quest wasn't nearly as fun in 3D, and even though LucasArts' Grim Fandango was critically acclaimed, it was the only high point in years.
"I don't think 3D was ever done right," Connors said. "Once the switch was made, the budgets went up and developers couldn't afford to create the immersiveness you expect in a 3D world. Done right, a highly immersive 3D adventure game could push the genre back into the mainstream."
Telling Tall Tales
What else does Telltale plan to do to turn things around? First and foremost, it hopes to create games based on popular licenses to drive market interest. In our exclusive Q&A with Dan Connors below, he points to the success of the Law & Order and CSI games, both of which have fit well with the genre.
And yes, Telltale is hiring--Troy Molander says that the company is currently looking for talented programmers, artists, and storytellers. "Our goal," he said, "is to build a company where creativity is fostered and anything is possible."
But what about the question on everyone's mind--is a new Sam & Max title coming? Although Telltale Games hasn't specifically said anything, the upcoming first press release from the company does mention the game three times, then ends by saying that Telltale is currently "in the design phase on a well-loved license." Could it be? We'll just have to wait and see what Telltale Games has up its sleeves.