What is 7‑Zip
- 7‑Zip is a free, open‑source file archiver / compression utility developed by Igor Pavlov.
- It supports high compression using its native 7z format (with LZMA / LZMA2), and handles many common archive formats (ZIP, TAR, GZIP, BZIP2, etc.).
- It is licensed under LGPL (and BSD for some parts).
- It is widely used on Windows (various versions) and has ports / versions for other platforms (p7zip etc.).
What’s New in Version 25.01
7‑Zip 25.01 was released on August 3, 2025.
Here are the key changes / fixes introduced in 25.01:
| Change / Fix | Description / Impact |
|---|---|
| Improved handling of symbolic links (symlinks) | The code for managing symbolic links during extraction was modified to enhance security — preventing certain unsafe symlink operations. (7-zip.org.pl) |
New command line switch ‑snld20 | Allows bypassing the default safety checks when creating symbolic links (for advanced users who are confident of their archive source) (7-zip.org.pl) |
| Security vulnerability fix (CVE‑2025‑55188) | Prior versions (before 25.01) had a vulnerability that could allow arbitrary file writes (which in turn may lead to code execution) when extracting malicious archives containing symlinks. (Openwall) |
| Various bug fixes / tweaks | Miscellaneous fixes to improve reliability and stability. (allcom.se) |
Because the vulnerability is significant, updating to 25.01 (or newer) is strongly recommended.
Security / Vulnerabilities
- CVE‑2025‑55188: Versions of 7‑Zip prior to 25.01 may allow arbitrary file write during extraction, especially when handling symbolic links, which potentially leads to execution of malicious code.
- Because of this, all users of older versions should upgrade.
- The change in 25.01 tightens the behavior around how symlinks are handled, making the extraction safer by default.
Strengths & Advantages
7‑Zip remains one of the most popular archivers for good reasons:
High compression: The 7z format, especially with LZMA / LZMA2, often achieves better compression than ZIP for many data types.
Wide format support: For reading / extracting many formats (RAR, TAR, etc.).
Free / open source: No cost, no registration, usable in commercial settings.
Shell integration & GUI / CLI support: You get context menu integration in Windows, as well as a command‑line interface and file manager.
Lightweight / efficient: The installer and footprint are small; the program runs efficiently.
Limitations & Considerations
- Some advanced / exotic archive formats may have limited support (especially for writing).
- The misuse of symbolic links in archives is a security vector (as seen in the vulnerability fixed).
- If you bypass safety checks (via
‑snld20), you take responsibility for the trustworthiness of archives. - Older versions (pre‑25.01) are vulnerable; using them is risky.
- There is no built‑in auto‑update in many 7‑Zip versions — you have to manually download/install the newer version.
How to Safely Use / Upgrade to 7‑Zip 25.01
Here are some recommended steps:
Download from official source
Always get 7‑Zip from the official site (7‑zip.org) or official mirrors, to avoid tampered binaries. lzma.orgVerify version / checksum
After installing, check version (Help → About) and if possible verify checksum (if the official site publishes it) to ensure authenticity.Backup settings
If you have custom settings, profiles, shortcuts, back them up before upgrading.Uninstall / overwrite
You can install 25.01 over older versions (no need to fully uninstall first in many cases), but ensure no residual old DLLs or files remain.Avoid extracting archives from unknown / untrusted sources, even with the patched version — always be cautious.
Avoid using
‑snld20unless necessary
That switch disables the symlink safety checks; use it only if you fully trust the archive content.Stay alert / monitor updates
Since security vulnerabilities are discovered over time, check occasionally if newer versions (beyond 25.01) are released.
