CySecurity News - Latest Information Security and Hacking Incidents, EN

Critical 7-Zip Vulnerability Exposes Millions of Systems to Potential Malware Attacks

 

A fresh disclosure highlights a security weakness in the popular 7-Zip tool, stirring unease within cyber defense circles due to its potential misuse for spreading harmful software. Though limited to outdated builds of this open compression program, the flaw might let hackers run unauthorized scripts when someone opens manipulated archive files. Because user interaction triggers the problem, deception becomes part of the attack path – simply opening a corrupted file may be enough. 

While patches exist for current releases, unpatched systems remain exposed through seemingly harmless data containers. Since many rely on legacy installations unknowingly, risk lingers across personal and business setups alike.

Earlier this year, researchers uncovered a weakness labeled CVE-2026-48095, also tracked under GHSL-2026-140. This problem lies in how 7-Zip handles NTFS volume images. 

Instead of managing memory safely, it allows excess data to spill past set limits – a behavior known as heap-based buffer overflow. Because memory gets corrupted during file processing, attackers might exploit this to run unauthorized code. Experts warn such flaws carry high risk due to their potential for system takeover. Though details remain limited, the core danger stems from improper boundary checks during archive extraction.

Opening an archive with a specially designed NTFS image file sets off the exploit, studies show. 

When handling such files, certain editions of 7-Zip fail to compute buffer sizes correctly – evidence points to flawed logic during parsing. As a consequence, allocated memory falls short, leading software to overwrite nearby regions by mistake. Such instability opens paths where malicious inputs might run unchecked or force sudden halts in operation.

Back in April, someone alerted the 7-Zip developers about the issue without going public. After that report came through, the team put out version 26.01 – fixing the weakness and shutting down the danger it posed. 

Not long afterward, they shared an official notice with everyone; included was a working Python example showing exactly what attackers might do on outdated versions.

One way this flaw plays out depends heavily on what kind of setup it’s found in, along with how much computing power sits nearby. Sometimes attackers might run their own programs from afar; other times they simply knock apps offline or freeze them completely. 

Even when effects differ, moving to the newest 7-Zip build is seen as essential – no workarounds exist once a version falls inside the risk zone.

What makes the situation more serious is how common 7-Zip has become. With hundreds of millions of downloads, it runs on many Windows and Linux machines. 

Because so much automation depends on its built-in tools, companies often embed its compression features into larger programs.

One reason 7-Zip poses risk is how common it has become – flaws could reach millions. When updates lag, experts say, those gaps catch hackers’ attention. Old setups might open doors without warning, especially if archives appear safe at first glance.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: