Biz & IT Ars Technica
Vulnerability stripped MotW tag Windows uses to flag Internet-downloaded files.
There’s an archive in my archive
The 7-Zip vulnerability allowed the Russian cybercrime group to bypass those protections. Exploits worked by embedding an executable file within an archive and then embedding the archive into another archive. While the outer archive carried the MotW tag, the inner one did not. The vulnerability, tracked as CVE=2025-0411, was fixed with the release of version 24.09 in late November.
Read full article
Comments
Published: 2025-02-05T21:05:37
