GitHub - Bombadil-Systems/zombie-zip: Malformed ZIP archive that evades antivirus detection by declaring Method=0 (stored) while containing DEFLATE-compressed payload. (github.com)
from Zerush@lemmy.ml to security@lemmy.ml on 11 Mar 15:59
https://lemmy.ml/post/44341409

Not solved problem since 20 years

See also kb.cert.org/vuls/id/976247

#security

threaded - newest

rijom@lemmy.ml on 11 Mar 19:51 collapse

How is this different from just any simple encryption of a valid zip?

Zerush@lemmy.ml on 11 Mar 20:08 collapse

It isn’t, that is the problem for AVs to detect it