腾讯网

7-Zip 曝出两个可导致拒绝服务的中危漏洞

研究人员在全球使用最广泛的开源文件压缩软件7-Zip中新发现两个漏洞(CVE-2025-53816和CVE-2025-53817)。这两个漏洞影响7-Zip 25.0.0之前的所有版本,虽然不能实现远程代码执行,但可能引发内存损坏和拒绝服务(Denial of Service,DoS)风险。 根据CVSSv4评分标准,这两个 ...
Guru3D.com

Update 7-Zip: ZIP Symlink Vulnerabilities Enable Code Execution on Windows

If you use 7-Zip to handle your ZIP files, it’s time to update right away. Two serious security flaws discovered by Trend Micro’s Zero Day Initiative (ZDI) can let attackers run code on your computer ...
腾讯网

7-Zip 被曝高危漏洞可远程执行任意代码,建议更新至 25.00 版本

IT之家 10 月 11 日消息,开源压缩软件 7-Zip 被发现存在两项高危安全漏洞,攻击者可能利用该漏洞远程执行任意代码。研究人员建议所有用户立即更新至最新版本 25.00,以避免潜在风险。 根据通报资料,这两项漏洞编号为 CVE-2025-11001 和 CVE-2025-11002,影响所有旧版 ...
ZDNet

Severe 7-Zip vulnerabilities cause top security, software tools patch panic

Researchers have discovered that 7-Zip harbours a number of severe security flaws which has left developers which implement the software rushing to fix holes in their own products. 7-Zip is an ...
中关村在线

7-Zip 25.01 发布,强化符号链接安全机制

感谢网友 Coje_He 提供的投稿线索! 8 月 6 日消息,开源压缩工具 7-Zip于 8 月 3 日发布了 25.01 版本更新。本次更新主要聚焦于提升软件安全性,功能改进幅度相对较小。 根据更新日志,此次版本在解压操作中对处理符号链接(symbolic link)的代码进行了优化,增强 ...
Computerworld

Dangerous 7-Zip flaws put many other software products at risk

Two vulnerabilities recently patched in 7-Zip could put at risk of compromise many software products and devices that bundle the open-source file archiving library. The flaws, an out-of-bounds read ...
Bleeping Computer

7-zip now supports Windows ‘Mark-of-the-Web’ security feature

7-zip has finally added support for the long-requested 'Mark-of-the-Web' Windows security feature, providing better protection from malicious downloaded files. When you download documents and ...