NIST says critical vulnerability found in 7-Zip archiving software
A critical vulnerability has been identified in 7-Zip, a free software program used for archiving data, according to the National Institute of Standards and Technology. The flaw allows cyber actors to write code outside of the intended extraction folder where the user did not intend. “It is important to note that there is no automatic patch available for this,” said Scott Gee, AHA deputy national advisor for cybersecurity and risk. “Anyone using 7-Zip should manually update their software.”
For more information on this or other cyber and risk issues, contact Gee at sgee@aha.org. For the latest cyber and risk resources and threat intelligence, visit aha.org/cybersecurity.
Related News Articles
Headline
Stryker, a medical technology company that provides services and products for hospitals, was disrupted globally by a cyberattack, the company announced March…
Headline
The White House issued an executive order March 6 to combat cybercrimes by threat groups. The order highlights how such groups can receive willing or…
Headline
The Administration for Strategic Preparedness and Response has released a new cybersecurity module for organizations to conduct risk assessments. The free…
Perspective
As the world has learned in recent years, today’s conflicts are fought with many weapons, and cyber warfare is an integral part of the arsenal.As of this…
Headline
The FBI is reminding critical infrastructure organizations to implement mitigations from a June 2025 fact sheet on potential actions by Iranian-affiliated…
Headline
The Cybersecurity and Infrastructure Security Agency Feb. 26 released a report that updates findings from last year on RESURGE malware used to gain covert…