Vulnerability in WinZip Allows Hackers to Take Control of Your Computer

One of the world’s most popular file archiving programs, WinZip, has been found to contain a critical security vulnerability. Designated as CVE-2025-1240, this vulnerability enables attackers to execute arbitrary code remotely using malicious 7Z archive files.

This vulnerability has received a CVSS rating of 7.8 and affects WinZip 28.0 (Build 16022) and all earlier versions. Security experts strongly recommend upgrading to WinZip 29.0 to mitigate the risk of potential attacks.

The vulnerability arises from improper validation of 7Z archive files during processing. This flaw allows attackers to craft specially designed malicious archives, leading to out-of-bounds memory writing (out-of-bounds write).

If attackers combine this exploit with other vulnerabilities, they could potentially gain full control over the affected system.

Key Exploitation Conditions:

• The user must open a malicious archive or visit a compromised website.
• The vulnerability specifically affects the 7Z file processing component of WinZip.

The Zero Day Initiative (ZDI) has classified this vulnerability under the code ZDI-CAN-24986 and has warned that, due to WinZip’s widespread use, this exploit poses a significant threat.

If successfully exploited, this vulnerability allows attackers to execute code with the same privileges as the current user, leading to the following threats:

• Installation of malware and ransomware – Attackers can implant malicious code into the system.
• Theft of confidential data – Credentials, banking details, and other sensitive information may be compromised.
• Lateral movement within networks – Attackers may infiltrate corporate environments for deeper attacks.

Although user interaction is required for exploitation, the widespread use of 7Z archives in software distribution and data exchange increases the likelihood of phishing-based attacks.

WinZip Computing has released version 29.0 (Build 16250) in December 2024 to fix this vulnerability. This update includes the following security improvements:

• Updated 7Z and RAR libraries – Enhanced file integrity checks.
• Faster patch deployment system – Users can now receive security updates more quickly.

User Recommendations:

1. Immediately update to WinZip 29.0 – Download the update from the official website or use the built-in auto-update feature.
2. Avoid opening 7Z archives from untrusted sources – Be cautious of phishing attempts.
3. Enable automatic updates – Protect your system from future vulnerabilities.

Recently, file-processing-based exploits have been on the rise. For instance, the recently discovered Windows OLE vulnerability (CVE-2025-21298) allowed malicious code execution via email without any user interaction.

Such incidents emphasize the importance of file security controls and timely software updates. This is particularly critical for WinZip, as it processes over 1 billion archived files annually, and any security flaw could lead to widespread attacks.

Cybersecurity experts urge organizations and businesses to promptly apply this security update and educate employees about the dangers of opening suspicious files.

The CVE-2025-1240 vulnerability has exposed serious security flaws in WinZip, and users are strongly advised to upgrade to WinZip 29.0 immediately.

This incident once again highlights the importance of software developers taking responsibility for security.

Both individuals and organizations should regularly install updates, remain vigilant against phishing threats, and strengthen security monitoring to defend against such risks.

As technology advances, cybercrime is also evolving, and only continuous precautionary measures can ensure your system remains secure. 🚨