7-Zip Vulnerability CVE-2025-0411 Allows Code Execution
/ 1 min read
🗜️ New 7-Zip vulnerability allows code execution by bypassing security features. Security researcher Dhmos Funk has unveiled a proof-of-concept exploit for CVE-2025-0411, a high-severity flaw in 7-Zip that enables attackers to circumvent the Windows Mark of the Web (MotW) security feature. This vulnerability allows malicious files extracted from specially crafted archives to execute without triggering security warnings, posing a significant risk to users. The exploit affects all versions of 7-Zip prior to 24.09, prompting urgent updates to the latest patched version. Users are advised to exercise caution with unknown files and ensure their security software is up-to-date to mitigate potential threats.
Source

Original