7-Zip, one of the most popular open-source file archivers, has addressed a high-severity vulnerability in its latest patch that could allow attackers to bypass the Mark of the Web (MoTW) security feature in Windows. This flaw, tracked as CVE-2025-0411, poses significant risks by enabling malicious code execution on users’ computers when extracting files from nested archives.
The Mark of the Web is a security feature introduced by Microsoft to provide an additional layer of protection when handling files from potentially untrusted sources. Files downloaded from the internet or received from untrusted sources are tagged with the MoTW flag (also known as ‘Zone.Id’), which informs Windows and associated applications to treat these files with caution. When a file with MoTW is executed, users are alerted with security warnings about potential risks, such as malware infections, allowing them to take necessary precautions.
This flag is particularly important for preventing the execution of malicious files. When users open files with the MoTW flag, Windows, web browsers, and other software impose security restrictions. For instance…
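As an added illustration (not code from 7-Zip or from the original article), the following Python parses the mark, which Windows stores in an NTFS alternate data stream named `Zone.Identifier`, and lists extracted files that did not inherit an untrusted zone from their archive. The function names, paths and sample stream bodies are assumptions constructed for this example; reading the real stream works only on Windows with NTFS.

```python
import configparser

MARK_STREAM = ":Zone.Identifier"  # NTFS alternate data stream holding the mark
UNTRUSTED_ZONES = {3, 4}          # 3 = Internet, 4 = Restricted sites


def parse_zone_id(stream_text):
    """Return the ZoneId from a Zone.Identifier body, or None if absent or malformed."""
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    try:
        parser.read_string(stream_text.lstrip("\ufeff"))
        return int(parser["ZoneTransfer"]["ZoneId"])
    except (configparser.Error, KeyError, ValueError):
        return None


def read_mark(path):
    """Read a file's zone on Windows/NTFS; None when the stream does not exist."""
    try:
        with open(path + MARK_STREAM, encoding="utf-8", errors="replace") as fh:
            return parse_zone_id(fh.read())
    except OSError:
        return None


def files_missing_mark(archive_path, extracted_paths, reader=read_mark):
    """For an archive marked untrusted, list extracted files that lost the mark."""
    if reader(archive_path) not in UNTRUSTED_ZONES:
        return []  # the archive carries no untrusted mark, so nothing to inherit
    return [p for p in extracted_paths if reader(p) not in UNTRUSTED_ZONES]


# Constructed sample data (hypothetical paths and stream bodies), so the
# check can be exercised on any OS without touching real files.
SAMPLE_STREAMS = {
    "Downloads/outer.7z": "[ZoneTransfer]\nZoneId=3\nHostUrl=https://downloads.example/outer.7z\n",
    "Downloads/outer/inner.7z": "[ZoneTransfer]\nZoneId=3\n",
    "Downloads/outer/inner/report.js": "",  # no stream: the mark was not propagated
}


def sample_reader(path):
    return parse_zone_id(SAMPLE_STREAMS.get(path, ""))


if __name__ == "__main__":
    extracted = ["Downloads/outer/inner.7z", "Downloads/outer/inner/report.js"]
    for path in files_missing_mark("Downloads/outer.7z", extracted, sample_reader):
        print("missing Mark of the Web:", path)
```

On a Windows host, calling `files_missing_mark` with the default reader against a downloaded archive and the files extracted from it gives a quick post-patch check that the archiver propagates the mark.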