Worrying Windows security issue patched by 7-Zip, so patch now
Posted by:
James Thompson
A recent security vulnerability in older versions of the popular file archiver 7-Zip has been discovered and promptly patched. Users are urged to manually update to the latest version due to the absence of an automatic update feature.
The vulnerability, identified as CVE-2025-0411, allowed threat actors to execute malicious code by bypassing the Mark of the Web security feature during file extraction from nested archives. Mark of the Web is a Windows security feature that tags internet-downloaded files as potentially unsafe to prevent automatic execution of malicious scripts.
Although 7-Zip introduced support for Mark of the Web in June 2022, it was found to be improperly implemented, enabling attackers to exploit the system. Following the advisory from cybersecurity researchers Trend Micro, a fixed version 24.09 was released in late November 2024 to address the vulnerability.
Developer Igor Pavlov explained that the flaw specifically impacted the 7-Zip File Manager’s handling of nested archives, failing to propagate the Zone.Identifier stream for extracted files, thus allowing arbitrary code execution. It is crucial for users to update their software to the latest version to ensure protection against such security risks.
Recent Posts1
