An arbitrary code execution vulnerability has recently been discovered in 7-Zip. By exploiting this arbitrary code execution, depending on the privileges of the user, an attacker can install programs; view, change, or delete data; or create new accounts with full user rights.
This topic outlines how you can deploy the fixed 7-Zip version. Using a report to check which machines have a vulnerable version of 7-Zip and the Lansweeper deployment module you can detect and update your vulnerable machines.
To make use of this guide make sure the following are in order:
1) Follow the instructions found in the Report Center to add the report to your Lansweeper installation.
2) Go to Deployment\Security Options and set up your package share and share user.
3) Follow the instructions found in the Installer Center to add the deployment to your Lansweeper installation and patch your assets.
This topic outlines how you can deploy the fixed 7-Zip version. Using a report to check which machines have a vulnerable version of 7-Zip and the Lansweeper deployment module you can detect and update your vulnerable machines.
To make use of this guide make sure the following are in order:
- Your Windows Domain or Workgroup scanning requirements.
- A scanning credential with local administrator rights needs to be submitted under Scanning\Scanning Credentials.
- Make sure your Windows computers have been successfully scanned. Click here for instructions on how to scan a Windows computer.
- Your Windows computers must meet the Deployment requirements.
1) Follow the instructions found in the Report Center to add the report to your Lansweeper installation.
2) Go to Deployment\Security Options and set up your package share and share user.
3) Follow the instructions found in the Installer Center to add the deployment to your Lansweeper installation and patch your assets.
1 Comment
