I am writing an ASP.NET application to process custom zip files and restricting the extraction of files from it to only those extensions that I want.
I heard about infected zip files attached to emails and I was wondering if I should worry about extracting data from infected zip files in my application. I do not plan to execute the contents inside the zip file, but will it open and unpack from the infected zip file, causing the file to launch a virus even if I do not execute any contents inside the zip file?
source
share