Enis Aksu

**Name of the Vulnerable Software and Affected Versions** PeaZip versions 10.4.0 and earlier **Description** This issue allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of PeaZip. User interaction is required to exploit this, where the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files. When extracting files from a crafted archive that bears the Mark-of-the-Web, PeaZip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this to execute arbitrary code in the context of the current user. **Recommendations** For PeaZip versions 10.4.0 and earlier, consider disabling the archive extraction feature until a patch is available. Restrict access to potentially malicious archives to minimize the risk of exploitation. Avoid opening files from untrusted sources to reduce the risk of executing arbitrary code. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Bandizip versions 7.37 and earlier **Description** A Mark-of-the-Web Bypass Vulnerability exists in Bandizip, allowing attackers to bypass the Mark-of-the-Web protection mechanism on affected installations. User interaction is required to exploit this vulnerability, as the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of archived files, where Bandizip does not propagate the Mark-of-the-Web to the extracted files when extracting from a crafted archive. This enables an attacker to execute arbitrary code in the context of the current user. **Recommendations** For Bandizip versions 7.37 and earlier, update to a version that includes a fix for this vulnerability. As a temporary workaround, consider avoiding the extraction of files from archives that may bear the Mark-of-the-Web until a patch is available. Restrict access to potentially malicious files and websites to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** WinZip versions prior to 29.0 **Description** The issue is related to the handling of archived files in WinZip, allowing attackers to bypass the Mark-of-the-Web protection mechanism. This can be exploited when a user extracts files from a crafted archive that bears the Mark-of-the-Web, as WinZip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this to execute arbitrary code in the context of the current user. The exploitation requires user interaction, such as visiting a malicious page or opening a malicious file. **Recommendations** For versions prior to 29.0, consider disabling the handling of archived files with the Mark-of-the-Web until a patch is available. Restrict access to potentially malicious archives to minimize the risk of exploitation. Avoid using WinZip to extract files from untrusted sources until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.