November 30, 2025, 7:29 am | Read time: 2 minutes
Many PC users have likely had the popular compression program 7-Zip installed for years—unaware that older versions currently pose a serious security risk. A high-risk vulnerability is already being actively exploited, according to security researchers.
Dangerous Flaw Affects Multiple Versions
The security flaw (CVE-2025-11001) affects 7-Zip versions from 21.02 up to and including 24.09. Attackers are already exploiting it to target systems. Version 25.00, released in early July, and later updates no longer have this issue. Therefore, anyone still using an older version should act quickly.
Since many users do not use 7-Zip daily, there is a risk that insecure versions remain installed on computers, providing an unnoticed entry point.
Google Chrome Is More Vulnerable Than Ever
Google Closes Android Security Vulnerability Exploited by Hackers
Check Your 7-Zip Version
To find out if your installation is affected, you can check the version number in the program menu under “Help/About 7-Zip.” If it is below version 25.00, an update should be performed immediately. The latest version (currently 25.01) is available for download on the official 7-Zip website.
Read also: Federal Office for Security Warns of Keyboard Shortcut Trick
Alternative: Windows Offers Built-in Compression Features
If you have only used 7-Zip occasionally, such as to open or create archives in the 7z format, you can now also rely on the built-in tools of Windows 11. Since mid-August, the operating system has supported not only ZIP but also the 7z and TAR formats directly.
Packing or unpacking is straightforward: Simply select one or more files, right-click, and choose the “Compress to” option in the context menu.
With material from dpa