Article written by Dan Goodin, via https://arstechnica.com

Microsoft cloud services are scanning for malware by peeking inside users’ zip files, even when they’re protected by a password, several users reported on Mastodon on Monday.
Microsoft is one-upping this move by attempting to bypass password protection in zip files and, when successful, scanning them for malicious code.
The security researcher has long archived malware inside password-protected zip files before exchanging them with other researchers through SharePoint.
“If you mail yourself something and type something like ‘ZIP password is Soph0s’, ZIP up EICAR and ZIP password it with Soph0s, it’ll find (the) password, extract and find (and feed MS detection),” he wrote.
One other thing readers should remember: password-protected zip files provide minimal assurance that content inside the archives can’t be read.

Please check out the complete article (source in English): https://arstechnica.com/information-technology/2023/05/microsoft-is-scanning-the-inside-of-password-protected-zip-files-for-malware/

Generated and translated automatically by Nisba!