7Zip Symbolic Link–Based RCE Vulnerability (CVE-2025-11001) with proof-of-concept (PoC) code

7-Zip is third party EU FOSS approved software used to encrypt/decrypt many file formats, including zip, .tar, .gz, .rar  and proprietary .7z format.

The vulnerability in question is CVE-2025-11001 (CVSS score: 7.0, October 7th, 2025), which allows remote attackers to execute arbitrary code using symbolic links. 

Symlinks in Windows 10!  - Excellent article and demonstrates how a symbolic link can run an executable. 

Also fixed was CVE-2025-11002 (CVSS score: 7.0), that allows for remote code execution by taking advantage of improper handling of symbolic links within ZIP archives, resulting in directory traversal. Both shortcomings were introduced in version 21.02.

How to Fix

Fixed in 7-Zip version 25.01 (25.00 has been removed from download page) 

Upgrade your 7-zip now - Download (7-zip.org) - Confirmed working on Windows 7.

POC Code
pacbypass/CVE-2025-11001: Exploit for CVE-2025-11001 or CVE-2025-11002 (github.com)

Looking for RichCopy with an active download link - Update Nov 2025

This post will explore consolidate or merging multiple files in multiple locations into 1 (one) directory and consolidating repeat files into 1 file using Richcopy, a free easy-to-use utility from Microsoft.


Basically the Richcopy GUI tool has some advanced functionality found in Robocopy.  Robocopy is short for robust copy, and is a built-in Windows utility that provides robust file copy, such as copying files without permissions.  Read my post for more info.

First you need to get a copy of RichCopy  as described in this article in TechNet Magazine Utility Spotlight RichCopy, by J. Hoffman



RichCopy 4.0.217.0 is in this file HoffmanUtilitySpotlight2009_04.exe (5,896 KB)  named after J. Hoffman the author. Download and run setup.exe.

Update 2025: Download RichCopy 4.0.217 - FileCroco.com - HoffmanUtilitySpotlight2009_04.exe has Microsoft Signature intact.

Why Richcopy vs Robocopy? 

1. Ease of Use: RichCopy's GUI makes it easier for users who are not comfortable with command-line interfaces, while Robocopy requires familiarity with command-line syntax, which can have a steeper learning curve.

2. Performance: RichCopy's multithreading can lead to faster transfers in certain scenarios, but Robocopy's robust error handling and logging make it more reliable for critical file operations. 

3.  Functionality: Robocopy offers more advanced features for automation and scripting, making it suitable for IT professionals and system administrators who need to perform complex file operations regularly.

Image 1: RichCopy GUI

A brief background on Robocopy

Robocopy enables the more serious file replication tasks that can really simplify your job. The biggest benefit I think you'll find is the ability to create full mirror duplicates of two file structures (including all sub-directories and files, if you choose) without copying any unnecessary files. Only the files that are new or have been updated in the source location will be copied. Robocopy also allows you to preserve all of the associated file information, including date and time stamps, security access control lists (ACLs) and more.

Robocopy is built into Windows 7, Windows 8+, Windows 10+, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2016+ 

In this case, we're discussing the simplest of tasks: copying files. Except copying files is not always that simple. 

• What if you're copying thousands of files across a slow connection? 
• What happens if your network hiccups and interrupts the copy? 
• What if you want to make sure that you preserve particular file attributes, such as a Last Modified date, but not other attributes, like security descriptors? 
• What if you want to filter the files you're copying from source to destination based on filename or extension?
• Copy files without permissions and file information
• Copy files longer than 260 characters 
• Actively supported

Consolidate Repeated Files

RichCopy version 4.0 supports specifying multiple source directories. Default behavior is to create directories with same name as source, and make a copy. When this option is selected, RichCopy copy all sources files and directories into specified destination directory without creating directories with same name as source. 

Also, if you have File A in Directory 1 and File A in Directory 2, File A with the latest date will be copied into Destination directory. This behaviour can be altered using Copy always (do not compare source and destination) options, see image 2.

Never have repeat file again, especially when syncing to the cloud.

Consolidate Files Using RichCopy

Step 1 Choose multiple source directories and destination (consolidated) directory. 

NOTE : When this completes, Copy complete only mentions the last path of Source Path. 

Image 1: RichCopy GUI

Step 2 Choose Option button and select "Consolidate multiple sources"

Image 2: RichCopy Options interface

Step 3 Wait until "Copy Complete" appears in Description as in Image 1. Copy complete only mentions the last path of Source Path. This behaviour can be altered using Copy always (do not compare source and destination) options.

Step 4 Done.

Consolidate Multiple Source Results

Here's proof of the the process when using "Consolidate multiple sources" option; 

Our two source directories are c:\temp and c:\backup, and contain the same files NameLengths.txt and PathLengths.txt. 

Image 3 : Temp source Directory 

Take note of NameLength.txt time-stamp in Backup directory (Image 4) is newer than temp directory (Image 3 above).

Image 4 : Backup source directory

The resultant consolidate directory contains only 1 copy of the all the repeated files. Duplicate files are resolved using the most recent time-stamp. This behaviour can be altered using Copy always (do not compare source and destination) options.

NameLength.txt's time-stamp in Backup directory (Image 4) is newer than temp directory (Image 3 above) and therefore end-up in the output consolidate_test directory. 

Image 5 : Consolidate directory and files

There you go, a great way to consolidate your mess of duplicate files.  

Fix Path Tool Long Error and Conslidation

Richcopy will bomb on paths too long errors. It's a problem for many tools. 

I build a specialized tool to solve the path too long issue completely. Path Tool Long Auto Fixer tool is the 1st tool on the market to find all directories and filenames that are too long and auto correct them!

Download free demo at https://pathtoolongautofixer.blogspot.com

Windows 10 - Upgrading to latest version of Curl for Developers

Windows  10 comes with it's own curl but seems to be behind on the curl updates. So I wanted manually update curl to latest version which is curl 8.17.0 at time of writing. 




 Get latest curl for Windows

Firstly, delete curl.exe at C:\windows\system32 and C:\Windows\SysWOW64, these were stuck at version 7.52.0. You'll need take ownership of the file, with your username.

Then find what default curl.exe is being used in the command line cmd.exe. 

Execute  where curl.exe

So, we see chocalatey is now the source of curl.exe command, it's 1st on the resultant list.

Upgrading chocalety, using following command

   

choco upgrade chocolatey
choco upgrade curl

Upgrade completed with proper shims. 

If you don't have chocalety, then you can manually copy files from curl 8.17.0 zip folder /bin copy these files: 

curl-ca-bundle.crt

curl.exe

libcurl-x64.def

libcurl-x64.dll

trurl.exe

to next directory in the list.

 And now curl is upgraded in cmd.exe when you launch it.

   

C:\Users\Markus>curl -V
curl 8.17.0 (x86_64-w64-mingw32) libcurl/8.17.0 LibreSSL/4.2.1 zlib/1.3.1.zlib-ng brotli/1.2.0 zstd/1.5.7 WinIDN libpsl/0.21.5 libssh2/1.11.1 nghttp2/1.68.0 ngtcp2/1.17.0 nghttp3/1.12.0
Release-Date: 2025-11-05
Protocols: dict file ftp ftps gopher gophers http https imap imaps ipfs ipns ldap ldaps mqtt pop3 pop3s rtsp scp sftp smb smbs smtp smtps telnet tftp ws wss
Features: alt-svc AsynchDNS brotli CAcert HSTS HTTP2 HTTP3 HTTPS-proxy IDN IPv6 Kerberos Largefile libz NTLM PSL SPNEGO SSL SSLS-EXPORT SSPI threadsafe UnixSockets zstd

And don't forget to rock.