******DECOMPRESSION BOMBS******

DOES ANYONE KNOW WHAT A DECOMPRESSION BOMB IS AND WHAT IT DOES? I RECIEVED FIVE FILES IN AN EMAIL TODAY WHERE FILES WERE COMPRESSED WITHIN COMPRESSED FILES THEMSELVES. I HAVE SENT THOSE FILES TO SUPPORT AT AVAST. IF ANY MODERATOR NEEDS MORE INFORMATION PLEASE FEEL FREE TO CONTACT ME VIA EMAIL OR SEND ME A MESSAGE VIA THE FORUM BOARD.

I dont know what they are but please dont type in all caps it is the same as Yelling

Radicalb21,
I’m sure one of the experts will be along soon to help you with this…
There was an article in PC World (online newsletter) that discussed this, but I really didn’t understand the article enough to help you.

cojo

ps Mac?..no offense, but sometimes people are upset and don’t realize all caps aren’t the correct way…and I also have to type in all caps at times due to my vision problems.
cojo

So called decompression bomb is an archive file which is corrupted or modified - and after unpacking it will grow the huge size (100Mb+ or some Gbs). We’re able to recognize if the file is unpacked from the invalid archive - but only after unpacking process. The unpacking to the enormous size is very dangerous: the process has very high priority, HDD is not infinite and Windows is unexpected.

I’ve already done some steps to handle these files and you will feel safe with the next avast build.

For more info

http://www.aerasec.de/security/advisories/decompression-bomb-vulnerability.html

Thanks for the help guys. I really appreciate it. Sorry for all caps at the begining of the post i wasn’t paying attention. I already emailed the files I recieved today to support@asw.cz .

For suspicious files, it’s better to send them to virus@asw.cz (instead of support@) :slight_smile:

Thanks IGOR for the information I’ll use that information next time when submitting a file.