An arbitrary code execution vulnerability has recently been discovered in 7-Zip. By exploiting this arbitrary code execution, depending on the privileges of the user, an attacker can install programs; view, change, or delete data; or create new accounts with full user rights.
This topic outlines how you can deploy the fixed 7-Zip version. Using a report to check which machines have a vulnerable version of 7-Zip and the Lansweeper deployment module you can detect and update your vulnerable machines.
To make use of this guide make sure the following are in order:
If the requirements are in order, you can mass check and update all your vulnerable assets by doing the following:
1) Follow the instructions found in the Report Center to add the report to your Lansweeper installation.
2) Go to Deployment\Security Options and set up your package share and share user.
3) Follow the instructions found in the Installer Center to add the deployment to your Lansweeper installation and patch your assets.