TechSpot means tech analysis and advice you can trust. Read our ethics statement.
Recently, some security flaws were found in versions 3.x, 6.x, 7.x, 8.x and 9.x of Winzip which could allow an attacker to execute malicious code on a Windows PC. Now, Winzip have made a fix available which will plug the flaw in the way WinZip handles command line inputs. This fix is contained in WinZip 9.0 Service Release 1 (SR-1). The service pack also contains other security enhancements, such as if a user double-clicks on an .exe file compressed within a Zip file, WinZip will warn that the compressed file could contain a virus.
Winzip recommends on its Web site that all users upgrade to version 9 to get the fix at no cost.