Center for Internet Security recently discovered a major security vulnerability in the popular, free, open-source file archiving software 7-Zip, which can lead to an “arbitrary code execution” to take place.
This flaw would allow a person to successfully and inconspicuously lets a person install programs on a computer; see, delete and edit information or come up with new full-access user accounts. While there have been no reports of this going on, the security flaw is found in all 7-Zip versions before 18.05, which was released April 30.
Any user who has yet to upgrade their 7-Zip version to the newest update is susceptible to the flaw. The solution to fixing the problem entails downloading the latest 7-Zip version from 7-Zip.org. The new version is similar to the older one but solves the problem that is plaguing older versions.
CIS suggests all software run as non-privileged users, so in the event your computer is compromised, the damage is minimal.