Read in Le virus informatique (dates back to February, but I didn’t know, so maybe you don’t either): a ZIP archive can lie about the name and type of the files it contains.
What does it mean? That you double-click a ZIP, opening Winzip or WinRAR or whatever, you see a JPG file in the list, double-click it and, tough luck, an EXE file starts (a virus, a worm, etc.).
I don’t know if some of the archiving programs take that into account and prevent it from happening, but the most obvious workaround is to never launch a compressed file directly from the interface, but first decompress it into a temporary folder.