WinZip patches security flaw



Windows clients running the popular WinZip application are at risk from a number of critical security flaws, Australian PC World reports.

WinZip versions 3.x, 6.x, 7.x, 8.x and 9.x contain vulnerabilities that could allow an attacker to execute malicious code on a Windows PC, the vendor warned. In an advisory on Thursday, Danish security firm Secunia gave the bugs a "highly critical" rating, the fourth-highest out of its five severity levels.

While no exploits are known to be circulating, the wide deployment of WinZip makes the vulnerabilities important to patch immediately, WinZip said. Users of older WinZip versions must upgrade to version 9.x in order to get the fix, which is contained in WinZip 9.0 Service Release 1 (SR1).

The compression/decompression tool is one of the most widely used pieces of software on the Windows platform.