Tom's Hardware on MSN

New 7-Zip high-severity vulnerabilities expose systems to remote attackers — users should update to version 25 ASAP

Two newly disclosed vulnerabilities in 7-Zip could allow attackers to execute arbitrary code by tricking users into opening a ...
Guru3D

Update 7-Zip: ZIP Symlink Vulnerabilities Enable Code Execution on Windows

If you use 7-Zip to handle your ZIP files, it’s time to update right away. Two serious security flaws discovered by Trend Micro’s Zero Day Initiative (ZDI) can let attackers run code on your computer ...

Two critical flaws put 7-Zip users at risk of remote code execution

Two recently discovered security flaws could make 7-Zip a serious risk to data and system security. These bugs had been known ...
heise online

7-Zip 25.00 fixes vulnerabilities and speeds up compression

Version 25.00 of the widely used compression tool 7-Zip was released at the weekend. It speeds up some compression algorithms – and also closes security gaps. In the development history on the 7-Zip ...
ZATAZ

7-Zip vulnerabilities: directory escape and remote execution

During extraction, 7-Zip may follow or recreate symlinks without verifying they remain inside the intended destination. A crafted ZIP that points outside the target tree can cause writes or ...
heise online

7-Zip: Gap allows circumvention of Mark-of-the-Web

A security vulnerability in 7-Zip allows the mark-of-the-web protection mechanism to be bypassed and code to be executed. An update is available. A security vulnerability in the popular archive ...