WinZip 10.0 Build 7245

Download WinZip 10.0 build 7245 now.

Q: What is WinZip 10 build 7245?

A: On November 14, 2006 WinZip Computing released WinZip 10.0 build 7245, a critical update to all installations of WinZip 10.0. This build addresses a security vulnerability that exists in one of its component modules.

This vulnerability could allow a remote attacker to execute arbitrary code on a system with an unpatched installation of WinZip 10.0 if the user was to visit a malicious web page. While there are no known exploits as of this announcement, WinZip 10.0 users are strongly urged to update to build 7245, due to the critical nature of the vulnerability.

WinZip 10.0 build 7245 is available free of charge to all registered users of WinZip 10.0 Standard and Pro. Previous versions of WinZip are not affected by this vulnerability.

Q: How do I get WinZip 10 build 7245?

A: You can simply download and install the new build over your existing WinZip 10.0 installation. In order to preserve your existing WinZip registration information, please do NOT uninstall your current WinZip 10.0 before installing this new build of WinZip 10.0.

Download WinZip 10.0 build 7245 now.

If you installed WinZip 10.0 using the MSI installer, please download the special MSI patch.

Q: How do I know what version of WinZip I have installed? (WinZip 10)

A: You can check to see what release of WinZip is currently installed by displaying WinZip's About box as follows:

You can see the version and build number on your screen in the area indicated with the red oval

Screen Shot

If you have WinZip 10.0, but with a lower build number please follow the instructions above on "How do I get WinZip 10.0 build 7245?"

If you have WinZip 9.0 or earlier, you are not affected by this particular vulnerability. However this may be a good time to upgrade to the current release of WinZip and enjoy its new powerful features. Please see the WinZip upgrade information page for details.

WinZip would like to thank an anonymous researcher working with TippingPoint and the Zero Day Initiative for reporting this issue.