A vulnerability has been reported in WinZip, which can be exploited by malicious people to compromise a user’s system.
The vulnerability is caused due to several unspecified insecure methods in the FileView ActiveX control (WZFILEVIEW.FileViewCtrl.61). This can be exploited to execute arbitrary code via a specially crafted web site.
Successful exploitation requires that the user is tricked into visiting a malicious web site.
The vulnerability is reported in WinZip 10.0 versions prior to Build 7245.
Update to version 10.0 Build 7245.