BetterZip 3.1.2 Fixes a Security Vulnerability in the Quick Look Generator

Robert, 2016-07-14

If you use the BetterZip Quick Look Generator, don’t miss this upgrade. Michał Bentkowski disovered a vulnerability which exists in all previous versions of BetterZip 3. I am not aware of any exploits in the wild, but Michał sent me a proof-of-concept archive. Basically, an attacker could craft an archive that could lead to an application or script being executed on your Mac when being “quick looked”. I am not elaborating on the vulnerability to protect users of the old versions for now. Michał will publish the details in a blog post in a few weeks time, since it was a quite interesting case.

Beside the QL vulnerability BetterZip 3.1.2 fixes these bugs:

Download Now