This popular Windows utility for ZIP files has a dangerous vulnerability
What to do right now
Early versions of 7-Zip, a file compression program, are affected by a security flaw with a severity score of 7.8 out of 10.
Disclosed by Trend Micro’s Zero Day Initiative and first discovered by Trend Micro Security researcher Nicholas Zubrisky back in June of this year, the flaw affects all 7-Zip versions prior to 24.07 and allows attackers to execute code on a victim’s machine.
The exploit is an easy one: threat actors could use any of several attack vectors to exploit a specific flaw in the implementation of the program's Zstandard decompression. The ZDI advisory goes on to explain that the lack of proper validation of user-supplied data can then be leveraged to execute code in the context of the current process.
Basically, this means that although it would likely require victim interaction such as opening a file, the archives could be used to install malware on your PC.
The current version of 7-Zip is 24.08, released on June 19, 2024. However, as the program doesn’t have automatic updates, the app itself and subsequent updates need to be manually installed to protect users.
How to stay safe
So, if you are running 7-Zip and especially a version earlier than 24.07, make sure to manually install the latest update immediately to avoid falling victim to any cyberattacks leveraging these flaws.
As always, though, never open any files you didn't ask for, and don’t open them when you don't recognize the sender or when you're not sure what they are. To protect yourself further, make sure you’re using the best antivirus software to keep your Windows PC safe from the latest threats.
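For anyone responsible for more than one PC, the "earlier than 24.07" check above can be run over a list of machines instead of by eye. This is an added example, not part of the original article: it assumes you have already collected the first banner line the 7-Zip command-line tool prints on each host, and the host names and banner strings in it are constructed.

```python
import re

# First release the article lists as not affected.
FIXED = (24, 7)

# Banner printed by the 7-Zip command-line tools. Older builds put
# markers such as "[64]" or "(a)" between the name and the version.
BANNER_RE = re.compile(r"7-Zip(?: [\[(][^\])]*[\])])* (\d+)\.(\d+)")


def parse_version(banner):
    """Return (major, minor) from a 7-Zip banner, or None if unrecognised."""
    m = BANNER_RE.search(banner)
    return (int(m.group(1)), int(m.group(2))) if m else None


def audit(inventory):
    """Map each host to 'vulnerable', 'patched' or 'unknown'."""
    report = {}
    for host, banner in inventory:
        version = parse_version(banner)
        if version is None:
            # No parsable banner: tool missing or output not captured.
            report[host] = "unknown"
        else:
            # Compare as integer tuples. Comparing the raw strings would
            # rank "9.20" above "24.07" and miss very old installs.
            report[host] = "vulnerable" if version < FIXED else "patched"
    return report


# Constructed sample data (hypothetical hosts, illustrative banners).
SAMPLE_INVENTORY = [
    ("ws-01", "7-Zip 9.20  Copyright (c) 1999-2010 Igor Pavlov"),
    ("ws-02", "7-Zip [64] 16.04 : Copyright (c) 1999-2016 Igor Pavlov"),
    ("ws-03", "7-Zip 23.01 (x64) : Copyright (c) 1999-2023 Igor Pavlov"),
    ("ws-04", "7-Zip 24.07 (x64) : Copyright (c) 1999-2024 Igor Pavlov"),
    ("ws-05", "7-Zip 24.08 (x64) : Copyright (c) 1999-2024 Igor Pavlov"),
    ("ws-06", "'7z' is not recognized as an internal or external command"),
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Hosts reported as "unknown" still need a manual look, since 7-Zip may be installed without its command-line tool being reachable.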

Amber Bouman is the senior security editor at Tom's Guide where she writes about antivirus software, home security, identity theft and more. She has long had an interest in personal security, both online and off, and also has an appreciation for martial arts and edged weapons. With over two decades of experience working in tech journalism, Amber has written for a number of publications including PC World, Maximum PC, Tech Hive, and Engadget covering everything from smartphones to smart breast pumps.
