Reply to post: Re: Another deja vu?

Loose .zips sink chips: How poisoned archives can hack your computer


Re: Another deja vu?

"The zip file, however, can be constructed so that it also decompresses to c:\windows\system32\explorer.exe."

So long as the file isn't in use, of course...which it will be, unless you're using something else as SHELL. Unless it somehow manages to terminate the process when it reaches that point in the archive, overwrite it and when the shell reloads - that's when your'e in for a world of pain.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019