PT-2025-16367 · Winzip · Winzip
Enis Aksu · Published 2025-04-15 · Updated 2025-05-06 · CVE-2025-33028 · 6.4 Medium
Base vector: AV:N/AC:L/Au:N/C:P/I:P/A:N
Name of the Vulnerable Software and Affected Versions:
WinZip versions prior to 29.0
Description:
The issue is related to the handling of archived files in WinZip, allowing attackers to bypass the Mark-of-the-Web protection mechanism. This can be exploited when a user extracts files from a crafted archive that bears the Mark-of-the-Web, as WinZip does not propagate the Mark-of-the-Web to the extracted files. An attacker can leverage this to execute arbitrary code in the context of the current user. The exploitation requires user interaction, such as visiting a malicious page or opening a malicious file.
Recommendations:
For versions prior to 29.0, consider disabling the handling of archived files with the Mark-of-the-Web until a patch is available. Restrict access to potentially malicious archives to minimize the risk of exploitation. Avoid using WinZip to extract files from untrusted sources until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
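A way to check whether an extraction lost the Mark-of-the-Web, as described above. This is an added example, not code from the advisory or from WinZip. It assumes Windows PowerShell 3.0 or later on NTFS; the function names and the paths in the usage comment are hypothetical.

```powershell
# Added example: report extracted files that did not inherit the archive's
# Mark-of-the-Web (MotW). Function names and sample paths are hypothetical.

function Get-MotwZoneId {
    param([Parameter(Mandatory)][string]$Path)
    # MotW is stored in the NTFS alternate data stream "Zone.Identifier".
    $lines = Get-Content -LiteralPath $Path -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
    if (-not $lines) { return $null }            # no stream: file is unmarked
    foreach ($line in $lines) {
        if ($line -match '^\s*ZoneId\s*=\s*(\d+)\s*$') { return [int]$Matches[1] }
    }
    return $null                                 # stream present but no ZoneId entry
}

function Test-MotwPropagation {
    param(
        [Parameter(Mandatory)][string]$ArchivePath,
        [Parameter(Mandatory)][string]$ExtractedDir
    )
    $archiveZone = Get-MotwZoneId -Path $ArchivePath
    # ZoneId 3 = Internet, 4 = Restricted sites; lower zones are not treated as untrusted.
    if ($null -eq $archiveZone -or $archiveZone -lt 3) {
        Write-Verbose 'Archive carries no Internet/Restricted mark; nothing to propagate.'
        return
    }
    Get-ChildItem -LiteralPath $ExtractedDir -Recurse -File | ForEach-Object {
        $zone = Get-MotwZoneId -Path $_.FullName
        # A missing stream or a less restrictive zone means the mark was dropped.
        if ($null -eq $zone -or $zone -lt $archiveZone) {
            [pscustomobject]@{
                File        = $_.FullName
                ArchiveZone = $archiveZone
                FileZone    = $zone
                Finding     = 'MotW not propagated'
            }
        }
    }
}

# Usage (hypothetical paths):
# Test-MotwPropagation -ArchivePath 'C:\Users\alice\Downloads\sample.zip' `
#                      -ExtractedDir 'C:\Users\alice\Downloads\sample'
```

Each object returned is an extracted file that Windows will treat as locally originated even though the archive it came from was marked as downloaded.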
References · 23
- https://github.com/EnisAksu/Argonis/blob/main/CVEs/CVE-2025-33028%20%28WinZip%29/CVE-2025-33028.md · Exploit
- https://osv.dev/vulnerability/CVE-2025-33028 · Vendor Advisory
- https://bdu.fstec.ru/vul/2025-04855 · Security Note
- https://nvd.nist.gov/vuln/detail/CVE-2025-33028 · Security Note
- https://github.com/EnisAksu/Argonis/commit/5e1ff4e5f4fdb3f32aab465f7b429e0b91299d1d · Note
- https://twitter.com/dailytechonx/status/1914808937440035099 · Twitter Post
- https://twitter.com/ForesietTFeed/status/1918252351174939075 · Twitter Post
- https://t.me/thedarkwebinformer/16848 · Telegram Post
- https://kb.winzip.com/help/help_whatsnew.htm · Note
- https://twitter.com/CVEnew/status/1912201816856838329 · Twitter Post
- https://reddit.com/r/CVEWatch/comments/1k5ve1w/top_10_trending_cves_23042025 · Reddit Post
- https://t.me/cvenotify/120912 · Telegram Post
- https://twitter.com/VulmonFeeds/status/1912265252827176972 · Twitter Post
- https://twitter.com/the_yellow_fall/status/1914479540564607411 · Twitter Post
- https://twitter.com/samilaiho/status/1914546430632403074 · Twitter Post