Skip to main content

A serious security vulnerability has been found in 7-Zip

7-Zip is free, open-source file archiving software that's been around for an awfully long time—nearly two decades, according to Wikipedia. It's barebones, it's simple, and it works, which is why we included it in our list of essential applications for a fresh PC. Unfortunately, as discovered by the Center for Internet Security, it also suffers from a pretty serious security vulnerability that can enable "arbitrary code execution." 

What that means, basically, is that someone who successfully exploits this security flaw could install programs on your PC, view, edit, or delete data, or create new user accounts with full access rights. The good news is that CIS says there are no reports of this actually happening, but the bad news is that the security flaw is present in all versions of 7-Zip prior to 18.05. That version was just released on April 30, which means that unless you've updated sometime within the last four days, your PC is exposed.

Fortunately, the solution is simple. Go to, download the latest version (it's tiny), and install it. Boom! Problem solved, and you'll be pleased to know that the hot new version of 7-Zip looks exactly the same as the old crappy one.   

CIS also recommended that all software should be run as a non-privileged user, and to apply the "Principle of Least Privilege" to all systems and services, so that if your PC does fall prey to a sploitz-jerk, the damage will be minimized. As a general approach, that's probably not a bad idea.

Amazingly, 7-Zip has a trailer. It's everything you would expect.

Andy covers the day-to-day happenings in the big, wide world of PC gaming—the stuff we call "news." In his off hours, he wishes he had time to play the 80-hour RPGs and immersive sims he used to love so much.