7-Zip flaw lets hackers infect your PC with malware. Update ASAP!

Earlier this week, security firm Trend Micro posted a security advisory (spotted by BleepingComputer) about a big vulnerability in 7-Zip, a popular file archiving utility app that’s used by millions around the world.

According to the advisory, the vulnerability — identified as CVE-2025-0411 — makes it possible for hackers to bypass the Mark of the Web (MotW) security feature in Windows and remotely execute code on your PC when extracting from a malware-loaded archive file.

Igor Pavlov, developer of 7-Zip, actually patched the flaw back in November 2024 with version 24.09. However, 7-Zip doesn’t have an automatic update feature, so many users are still using outdated versions of the app that are still vulnerable to this MotW exploit.

If you haven’t updated 7-Zip in a long time, do it now. Head over to the 7-Zip download page and get the latest version, which is 24.09 as of this writing. As long as you’re on that version or later, you’ll be okay.