diff --git a/lib/webdrivers/common.rb b/lib/webdrivers/common.rb
index 0ff33e3e..20f4b12d 100644
--- a/lib/webdrivers/common.rb
+++ b/lib/webdrivers/common.rb
@@ -1,7 +1,6 @@
 # frozen_string_literal: true
 
 require 'rubygems/package'
-require 'zip'
 require 'webdrivers/logger'
 require 'webdrivers/network'
 require 'webdrivers/system'
diff --git a/lib/webdrivers/system.rb b/lib/webdrivers/system.rb
index 88afca07..1145666e 100644
--- a/lib/webdrivers/system.rb
+++ b/lib/webdrivers/system.rb
@@ -4,6 +4,12 @@
 require 'zip'
 require 'English'
 
+# validate zip entry sizes to avoid zip bombs
+# see https://github.com/rubyzip/rubyzip#size-validation
+# and https://github.com/rubyzip/rubyzip/pull/403 for further details
+# this will be the default in rubyzip 2.0+
+Zip.validate_entry_sizes = true
+
 module Webdrivers
   #
   # @api private
diff --git a/webdrivers.gemspec b/webdrivers.gemspec
index a47491ee..f05fdac1 100644
--- a/webdrivers.gemspec
+++ b/webdrivers.gemspec
@@ -29,6 +29,6 @@ Gem::Specification.new do |s|
   s.add_development_dependency 'simplecov', '~>0.16'
 
   s.add_runtime_dependency 'nokogiri', '~> 1.6'
-  s.add_runtime_dependency 'rubyzip', '~> 1.0'
+  s.add_runtime_dependency 'rubyzip', '>= 1.3.0'
   s.add_runtime_dependency 'selenium-webdriver', '>= 3.0', '< 4.0'
 end
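Review bot: `Zip.validate_entry_sizes = true`, added after `require 'English'` in system.rb, mutates rubyzip's process-global configuration at require time, so every other rubyzip user in the host process gets size validation switched on, and any later-loaded code that resets the flag to false silently removes this library's zip-bomb protection without anything here noticing. The four-line comment explains why the flag is set but not that it is global or what now happens on a mismatched entry; I would extend it with `# NOTE: process-global setting; rubyzip raises Zip::EntrySizeError during extraction when an entry's real size exceeds the size declared in its header`. The extraction code in `Webdrivers::System` lies outside this hunk, but presumably it does not yet rescue that error, so an oversized download would surface as a raw rubyzip exception rather than a Webdrivers-level failure with the driver name and path; worth checking and, if so, wrapping it there.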
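Review bot: `s.add_runtime_dependency 'rubyzip', '>= 1.3.0'` drops the upper bound that the replaced `'~> 1.0'` line carried and that the `selenium-webdriver` line directly below still has, so a future rubyzip major release with incompatible API changes would be resolved automatically. The new comment in system.rb already notes that rubyzip 2.0 changes the validation default, which is exactly the kind of behaviour shift a ceiling protects against until it has been tested. Suggest matching the file's existing style with a tested ceiling, for example `s.add_runtime_dependency 'rubyzip', '>= 1.3.0', '< 3.0'` (constructed bound; pick whatever the maintainers have verified).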