Posted by Stefan Kanthak on Dec 09

Hi @ll,

the executable installers [°] of 7-Zip (see <http://www.7-zip.org/>)
and ALL self-extracting archives created with 7-Zip are vulnerable:

1. They load and execute a rogue/bogus/malicious UXTheme.dll [‘]
eventually found in the directory they are started from (the
“application directory”).

For software downloaded with a web browser this is typically the
“Downloads” directory: see
<…