What?
A high-severity vulnerability in the 7-Zip file archiver, identified as CVE-2025-0411, allows attackers to bypass a Windows security feature that flags files from the internet as potentially unsafe. The vulnerability has been exploited by Russian cybercrime groups to spread malware.
This flaw enables malicious code execution on users' computers when extracting files from specially crafted nested archives. This security feature, introduced in 7-Zip version 22.00, is designed to alert users about files from untrusted sources. However, due to this vulnerability, 7-Zip fails to apply these safety warnings to extracted files, leaving users exposed to potential threats.
So What?
To protect against this vulnerability, users should immediately update to 7-Zip version 24.09, released on 30 November 2024, which patches the flaw. Since 7-Zip lacks an auto-update feature, manual updates are necessary to ensure security.
Keeping software up to date is crucial, as similar vulnerabilities have been exploited in the past to deploy malware. Users should also remain cautious when handling files from untrusted sources and consider using additional security measures, such as antivirus software, to mitigate risks. By taking these steps, users can safeguard their systems against potential attacks exploiting this vulnerability.