Temporary Fix

IT Services Circle

Apr 25, 2022 · Information Security

7-Zip Vulnerability CVE-2022-29072: Exploit Details and Temporary Mitigation

A security researcher discovered that 7‑Zip (including version 21.07) contains CVE‑2022‑29072, a vulnerability that can be triggered by dragging a .7z file onto the Help → Content area, leading to privilege escalation and arbitrary command execution, with a temporary fix of deleting the vulnerable 7‑zip.chm file.