Two critical flaws put 7-Zip users at risk of remote code execution

Two recently discovered security flaws could make 7-Zip a serious risk to data and system security. These bugs had been known internally for months, and 7-Zip ...
Tom's Hardware on MSN

New 7-Zip high-severity vulnerabilities expose systems to remote attackers — users should update to version 25 ASAP

Two newly disclosed vulnerabilities in 7-Zip could allow attackers to execute arbitrary code by tricking users into opening a ...
ZATAZ

7-Zip vulnerabilities: directory escape and remote execution

During extraction, 7-Zip may follow or recreate symlinks without verifying they remain inside the intended destination. A crafted ZIP that points outside the target tree can cause writes or ...
Guru3D

Update 7-Zip: ZIP Symlink Vulnerabilities Enable Code Execution on Windows

If you use 7-Zip to handle your ZIP files, it’s time to update right away. Two serious security flaws discovered by Trend Micro’s Zero Day Initiative (ZDI) can let attackers run code on your computer ...
Bleeping Computer

SolarWinds hackers used 7-Zip code to hide Raindrop Cobalt Strike loader

The ongoing analysis of the SolarWinds supply-chain attack uncovered a fourth malicious tool that researchers call Raindrop and was used for distribution across computers on the victim network. The ...