The popular file compression program 7-Zip is currently affected by a high-severity vulnerability.
#vulnerability #cyberattack #CyberSecurity #app
https://cnews.link/7-zip-affected-by-dangerous-vulnerability-1/
Laughs in tar
The app and subsequent updates must be installed manually, as the program doesn’t have automatic updates.
BRB updating 7zip on my Windows partitions real quick. Since apparently automatic updates for 7zip aren't a thing, I bet they've never been updated on my machines ever since initially installing it with Ninite
To be fair apps checking for updates is a stupid backwards thing from Windows, where you'd install manually random packages from random sources.
Checking for updates is the job of your package manager, and in any reasonable system that should be enough
Use chocolatey. It takes the headache out of a large part of running Windows.
I don't use Windows these days but don't they have winget?
Some versions of Windows do!
I bet ninite gave you an update when you ran the installer app again.
Otherwise, can I speak to you about our Lord and Savior Chocolatey? choco update should do it (I fumble here - I use a config management app to manage my wife's desktop)
You're probably wanting choco upgrade 7zip --confirm
That's only true for Windows.
On most Linux distribution, users would get a notification for the update (7zip et al). And the shutdown confirmation dialog would show a pre-checked "Update and shutdown" option.
Some have auto-update enabled. By the time I go look at my Linux machine, it may already have the fix installed.
An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!