Avatar

This blog post was authored by Marcin Noga of Cisco Talos.

Introduction

In 2016 Talos released an advisory for CVE-2016-2334, which was a remote code execution vulnerability affecting certain versions of 7zip, a popular compression utility. In this blog post we will walk through the process of weaponizing this vulnerability and creating a fully working exploit that leverages it on Windows 7 x86 with the affected version of 7zip (x86 15.05 beta) installed.

Read More >>



Authors

Talos Group

Talos Security Intelligence & Research Group