Dambudziko (CVE-2022-29072) rakawanikwa mu 7-Zip archiver yemahara. Dambudziko iri rinobvumira mirairo isina kurongeka kuti iitwe neSYSTEM privileges nekufambisa faira re .7z rakagadzirwa zvakananga munzvimbo yerubatsiro inoratidzwa paunovhura menyu ye "Help>Contents". Dambudziko iri rinongokanganisa puratifomu ye7-Zip chete. Windows uye zvinokonzerwa nekusanganiswa kweraibhurari ye7z.dll isina kugadziriswa zvakanaka uye buffer overflow.
Zvinokosha kuziva kuti mushure mekuziviswa nezvedambudziko, ivo vanogadzira 7-Zip havana kubvuma kusazvibata uye vakataura kuti kwaikonzera njodzi yaive yeMicrosoft HTML Helper process (hh.exe), iyo inomhanyisa kodhi kana faira rafambiswa. Muongorori akaona kusazvibata anotenda kuti hh.exe inongobatanidzwa zvisina kunanga mukushandisa kusazvibata, uye murairo wakatsanangurwa mukubiridzira unotangwa mu7zFM.exe semwana maitiro. Zvikonzero zvekukwanisa kuita kurwisa kuburikidza nejekiseni rekuraira zvinonzi buffer kufashukira mu7zFM.exe maitiro uye zvisizvo zvigadziriso zvekodzero zve7z.dll library.
Semuenzaniso, faira rerubatsiro rinotanga "cmd.exe" rinoratidzwa. Kushandiswa kunobvumira kuti SYSTEM ive nekodzero kunowanikwa kunonzi kuri kugadzirwawo. Windows, asi kodhi yayo yakarongwa kuburitswa mushure mekuburitswa kwe7-Zip update inogadzirisa dambudziko iri. Sezvo kugadzirisa kusati kwaburitswa, mhinduro iri kukurudzirwa ndeyekuganhurira 7-Zip kuti ive yekuverenga chete uye kuita kuti isvike chete.
Source: opennet.ru
