Version 25.01 contains a fix for the CVE-2025-55188 vulnerability, which could allow for arbitrary file write and code execution.
Symbolic Link Handling:
The update changes how 7-Zip handles symbolic links during archive extraction, which is the cause of the vulnerability.
Important Precautions:
Update Immediately:
Organizations and individuals should prioritize updating to 7-Zip 25.01 or a newer version as soon as possible.
Download from Official Sources:
Only download 7-Zip from the official website to ensure you're getting the legitimate and patched version.
Exercise Caution with Untrusted Archives:
Even with the patch, it's always a good practice to be cautious and avoid extracting archives from unknown or untrusted sources.
The update has to be manually downloaded.
7-Zip 25.01 Released to fix Vulnerability
Login to the community
No account yet? Create an account
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.