In the process of checking for updates on the WinZip network communications, the experts have found that the WinZip archiver was vulnerable to several attacks through the unsecured http. Any threat actor can easily exploit this by granting a rogue “update.”
WinZip is currently at version 25, but shortly after it releases, check the server for updates over an unencrypted link, a vulnerability that could be exploited by an ill-disposed actor. It also resembled that the registration data was transferred via http, like the username and registration code.
WinZip has been a long-standing service for Windows users with file archiving requirements beyond the support that has been built in the operating system. The security experts of Trustwave firm, Martin Rakhmanov asserted that it’s the user who thinks that it is a new version that could administer the malicious code.
However, in one of the trial versions of WinZip, a popup is displayed from time to time, and this popup’s main…