Information Security News mailing list archives
Re: .zip files putting the zap on antivirus products
From: InfoSec News <isn () c4i org>
Date: Wed, 11 Feb 2004 04:41:56 -0600 (CST)
Forwarded from: Remco B. Brink <remco () rc6 org> <quote who="InfoSec News">
Forwarded from: KUIJPERS Jimmy <myemailaccount () fastmail fm> *.zip posses no real danger in my opinion. Winzip or similiar software was installed on many end user systems anyway. Embeding this functionality with Windows XP doesn't really increase the risk of virusses spreading at all. There are virusscanners that automaticly scan e-mails attachment, including the contents of zip files.
I'd call that a pretty dangerous thing, if you consider the following: The zipfile you find on this website [1] is a five-level nested zips-in-zips-in-zip archive. It is only 42KB large, but it expands to 4.5 petabytes (that's 4.5 million gigabytes!) fully unpacked. My guess is that most antivirus programs will happily try to unfold it in all its glory. Is your machine swapping a lot now? regards, Remco Brink [1] http://www.unforgettable.dk/42.zip -- Remco B. Brink -- QA / BW GS / CDTT eating bandwith for breakfast at http://rc6.org Help! The paranoids are out to get me! - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- .zip files putting the zap on antivirus products InfoSec News (Feb 06)
- <Possible follow-ups>
- Re: .zip files putting the zap on antivirus products InfoSec News (Feb 10)
- Re: .zip files putting the zap on antivirus products InfoSec News (Feb 11)
- Re: .zip files putting the zap on antivirus products InfoSec News (Feb 13)