02-04-2025, 02:55 PM
News Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protecti
A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware.
The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09.
"The vulnerability was
https://thehackernews.com/2025/02/russia...ing-7.html
A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware.
The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09.
"The vulnerability was
https://thehackernews.com/2025/02/russia...ing-7.html