Always download 7-Zip directly from its official site to avoid "trojanized" versions found on similar-looking, unofficial domains.
NIST says critical vulnerability found in 7-Zip archiving software | AHA News Bypass.7z
If you are unable to update, consider using modern file managers or alternative extraction tools like PeaZip or the native Windows extraction utility, which have different security implementations. Always download 7-Zip directly from its official site
Ensure you are using the latest version from the official 7-Zip website, as patches are released to address such vulnerabilities. Includes 7-Zip version 24
The vulnerability allows attackers to create specially crafted .7z archives that, when extracted, strip the MoTW from the enclosed files. By doing so, a malicious file can be executed without the typical security warnings that Windows would otherwise provide. Security feature bypass.
Includes 7-Zip version 24.07 and earlier.