Tech7 views

Critical 7-Zip Vulnerabilities Enable Remote Code Execution Attacks

Two major security flaws have been discovered in 7-Zip that could allow attackers to compromise Windows systems through malicious ZIP files.

The Vulnerabilities: CVE-2025-11001 and CVE-2025-11002

These critical vulnerabilities enable directory traversal attacks, allowing malicious ZIP files to:

  • Escape the original extraction directory
  • Write files to unauthorized system areas
  • Execute arbitrary code with user privileges
  • Potentially compromise entire Windows environments

Low Complexity Exploitation

The attack vector is dangerously simple:

  • Users only need to open or extract a malicious ZIP file
  • No additional user interaction required
  • Exploitation complexity is minimal

Immediate Action Required

Update to version 25.01 or later to patch these vulnerabilities.

The fix is available now, and security experts strongly recommend immediate updates to prevent potential system compromise.

More

View all
SecurityApril 18, 2026

Google Links Axios Library Attack to North Korean Group

Google links Axios library supply chain attack to North Korean group UNC1069. Affected versions: 1.14.1 and 0.30.4. Remove and rotate credentials immediately.

EnergyApril 18, 2026

Brain-Inspired Chips Reduce AI Energy Consumption by 70%

New brain-inspired memristor chips can reduce AI energy consumption by 70% by processing data like human neurons. Discover the future of sustainable AI.

TechApril 18, 2026

LG's New Oxide 1Hz Display Extends Laptop Battery Life by 48%

LG's Oxide 1Hz display boosts laptop battery life by 48% with a dynamic 1Hz-120Hz refresh rate. Now filming in Dell XPS laptops; OLED versions coming in 2027.