Insecure Communication From WinZip 24 Lets Hackers Drop Malware


While examining the network communications of WinZip's update checks, researchers noticed that the archiver communicated over an unsecured channel, leaving it vulnerable to several attacks. Any threat actor could easily exploit this by delivering a rogue “update.”

WinZip is currently at version 25, but recent earlier releases check the server for updates over an unencrypted connection, a flaw that could be abused by a malicious actor. It also turned out that registration data, such as the username and registration code, was transmitted via HTTP.

WinZip is a long-standing utility for Windows users whose file archiving requirements go beyond the support built into the operating system. Martin Rakhmanov, a security specialist at Trustwave, said that a user who believed they were installing a new update could end up running the malicious code.

Trial versions of WinZip also show a popup from time to time, and the content of this popup is loaded over HTTP, where it could easily be changed by an intruder on the network.

First Finding

For the first finding, the research points out that HTTP is unencrypted plain text, so anybody able to see the traffic can read, tamper with, or hijack it. This means that someone on the same network as a user running an insecure version of WinZip can use multiple techniques against that user.


Techniques such as DNS poisoning can trick the program into fetching “update” files from a malicious web server rather than from the genuine WinZip update host.

The application also transmits sensitive data, such as the registered username, the registration code, and other information, in the query string as part of the update request.

Second Finding

In the second finding, when running in trial mode, WinZip 24 opens a popup window from time to time. The content of these popups is HTML along with JavaScript, which is also retrieved over HTTP.

A network-adjacent threat actor can therefore manipulate that content. As in the previous case, malicious actors can ultimately exploit this problem to execute arbitrary code.
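Both findings leave the same trace on the wire: cleartext HTTP requests from the updater, some with registration data in the query string. The following sketch is an added example, not code from Trustwave or WinZip, showing how a defender could flag that pattern in web proxy logs; the log format, the `example.invalid` host names, the `ArchiverUpdater` user agent and the parameter names are constructed assumptions, since the article does not give the real ones.

```python
from urllib.parse import urlsplit, parse_qsl

# Assumed parameter names that suggest registration data; the article does
# not list the real ones, so tune this set against your own captures.
SENSITIVE_KEYS = {"username", "user", "regcode", "registration", "license", "serial"}

# Constructed sample proxy log: "<client-ip> <method> <url> <user-agent>"
SAMPLE_LOG = """\
10.0.0.12 GET http://updates.example.invalid/check?ver=24.0&username=alice&regcode=AAAA-BBBB ArchiverUpdater/1.0
10.0.0.12 GET https://updates.example.invalid/check?ver=25.0&username=alice&regcode=AAAA-BBBB ArchiverUpdater/1.0
10.0.0.30 GET http://cdn.example.invalid/popup.html?lang=en ArchiverUpdater/1.0
10.0.0.44 GET http://news.example.invalid/index.html Mozilla/5.0
malformed line
"""

def find_cleartext_leaks(log_text, agent_hint="ArchiverUpdater"):
    """Return findings for cleartext HTTP requests made by the updater.

    Each finding is (client_ip, host, reason). Values of sensitive
    parameters are never copied into a finding, only their names.
    """
    findings = []
    for line in log_text.splitlines():
        parts = line.split(maxsplit=3)
        if len(parts) != 4:
            continue  # skip lines that do not match the assumed format
        client, _method, url, agent = parts
        target = urlsplit(url)
        if target.scheme != "http" or agent_hint not in agent:
            continue  # HTTPS traffic, or software we are not looking for
        keys = {k.lower() for k, _ in parse_qsl(target.query, keep_blank_values=True)}
        leaked = sorted(keys & SENSITIVE_KEYS)
        if leaked:
            reason = "registration data in cleartext query: " + ",".join(leaked)
        else:
            reason = "cleartext fetch of updater content (tamperable in transit)"
        findings.append((client, target.hostname, reason))
    return findings

if __name__ == "__main__":
    for finding in find_cleartext_leaks(SAMPLE_LOG):
        print(*finding, sep=" | ")
```

On the sample log this reports the HTTP update check that carries registration data and the HTTP popup fetch, and ignores the HTTPS request and the unrelated browser traffic.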


The experts have provided mitigation advice: WinZip users can minimize these problems by updating to the latest version of WinZip.

This version uses HTTPS properly and is no longer exposed to these kinds of threats. Users who can’t upgrade should use the opt-out feature to turn off the update checks.

But since upgrades are paid, there may be many consumers who cannot afford the latest release. WinZip Basic costs $35.64, and the Pro version costs $59.44. Those consumers are instead encouraged to disable the update checks.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.