I fail to see how this is a big deal?
And that makes you part of the problem.
Vulnerabilities in non-privileged applications that require user interaction are still routinely exploited and used as part of multi-step penetration processes. Non-interactive remote-code execution and privilege elevation are not the only threats to system integrity.
So let's repeat the salient points:
- Many programs do process archive files without user intervention.
- Vulnerabilities that require user interaction are routinely exploited anyway.
- Successful execution of hostile code means the attacker owns that account. That's worse if it's a privileged account, but it's bad enough when it's an ordinary one.
- Attackers have used many, many approaches to pivot and elevate. Sometimes it's as simple as installing a key logger, then mucking up the machine, and waiting for the user to hand it over to an administrator for fixing; nine times out of ten, said admin will start by entering an admin password. Game over.