7-Zip Archives

Winsage

March 13, 2026

These 4 open-source apps fixed Windows’ biggest problems

Windows operating system has evolved over the years, but initially, it often required external tools for tasks like video playback, file compression, secure connections, and file transfers. VLC Media Player addressed the issue of codec compatibility in video playback by bundling its own codecs, making it a widely used media player. 7-Zip improved file compression on Windows by offering superior efficiency, extensive format support, and user-friendly features, becoming essential for archiving tasks. PuTTY provided Windows users with their first effective SSH client, allowing secure terminal connections to remote servers, and remains popular despite Microsoft integrating OpenSSH. FileZilla simplified the process of uploading files to servers with its user-friendly graphical interface, becoming a staple for web developers. Despite improvements in Windows, many users continue to install these open-source applications out of habit due to their reliability and effectiveness.

Tech Optimizer

March 11, 2026

Attackers Use Malformed ZIP Archives to Evade Antivirus and EDR Tools

Cybersecurity researchers at the CERT Coordination Center (CERT/CC) have identified a new evasion technique, VU#976247, used by threat actors to exploit malformed ZIP archives and bypass Antivirus (AV) and Endpoint Detection and Response (EDR) systems. Attackers manipulate the internal headers of ZIP files, particularly altering the compression method field, which causes security tools to fail in analyzing the malicious payload. While some security products may flag the modified files as corrupted, they often do not detect the underlying malicious code. Standard extraction tools typically trust the tampered metadata and may return errors, leaving the hidden payload undisclosed. Attackers use custom malware loaders to extract and execute the malicious data, circumventing traditional AV detection. Cisco has been confirmed as affected, while other vendors, including AhnLab, Avast, Bitdefender, and Avira, have an “Unknown” status regarding their vulnerability. To mitigate this threat, organizations should enhance archive handling processes, avoid relying solely on declared metadata, adopt aggressive detection modes, flag metadata inconsistencies, and consult with AV and EDR providers about vulnerabilities.

Tech Optimizer

March 11, 2026

Malformed ZIP Files Allows Attackers to Bypass Antivirus and EDR Detections

A vulnerability identified as CVE-2026-0866 allows malicious actors to exploit malformed ZIP headers to bypass antivirus and Endpoint Detection and Response (EDR) systems. This flaw occurs because most security solutions rely on metadata within ZIP archives to scan and process files. When the compression method field is altered, security scanners may fail to decompress the archive correctly, resulting in a false negative and leaving the malicious payload undetected. Attackers can then use a custom loader to access the embedded malicious data, circumventing standard extraction tools. Cisco has been confirmed as affected by this vulnerability, while nearly 30 other security vendors have not disclosed their status. The cybersecurity community is urged to evolve scanning methodologies, including not relying solely on declared metadata and implementing aggressive detection modes. Organizations should verify their antivirus and EDR solutions for vulnerability to CVE-2026-0866 and monitor for custom loaders.

Winsage

March 6, 2026

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft revealed a social engineering campaign named ClickFix that exploits the Windows Terminal application to deploy Lumma Stealer malware. Detected in February 2026, this campaign instructs users to access Windows Terminal using the Windows + X → I shortcut, enhancing its perceived legitimacy. Attackers evade detection by manipulating users into executing harmful commands through deceptive prompts. The attack chain involves pasting a hex-encoded command into Windows Terminal, which opens additional Terminal and PowerShell instances, leading to a PowerShell process that decodes a script. This process downloads a ZIP payload containing a renamed 7-Zip binary, which extracts files and initiates a multi-stage attack, including retrieving payloads, establishing persistence, configuring Microsoft Defender exclusions, exfiltrating data, and deploying Lumma Stealer by injecting it into "chrome.exe" and "msedge.exe." Lumma Stealer targets browser artifacts to harvest credentials. A secondary attack pathway involves downloading a batch script that writes a Visual Basic Script to the Temp folder and connects to Crypto Blockchain RPC endpoints, also using QueueUserAPC() for code injection into browsers to extract data.

Winsage

February 22, 2026

For all its problems, these are 5 ways Windows 11 makes my life easier every day

Windows 11 operates on nearly 70% of the world's desktops. It features native extraction for compressed files, allowing users to extract files directly from the context menu without third-party applications. The introduction of tabbed browsing in File Explorer helps manage files more effectively, reducing clutter. Snap assist offers layout options for window arrangement, facilitating multitasking. Users can create separate virtual desktops, each customizable with unique wallpapers, to organize different workspaces. Windows 11 includes native screen recording capabilities and an optical character recognition (OCR) feature for extracting text from images and screenshots.

Winsage

January 26, 2026

Your BitLocker-secured Windows PC isn’t so secure after all – unless you do this

Microsoft's BitLocker encrypts personal files on Windows hard drives to protect against unauthorized access in case of loss or theft. The BitLocker recovery key is essential for decrypting data, but Microsoft has confirmed it will comply with valid legal requests for access to these keys if they are stored in the cloud. This was highlighted during an FBI investigation in Guam, where Microsoft provided recovery keys related to a COVID unemployment fraud case. Microsoft receives about 20 requests for BitLocker keys annually, but many cannot be fulfilled if users do not store their keys in the cloud. The Guam case is the first known instance of Microsoft providing encryption keys to law enforcement, contrasting with a previous request from the FBI in 2013 that was declined. Users can choose to store their keys locally or in Microsoft's cloud, but storing them in the cloud carries risks of unauthorized access. For optimal security, it is recommended to save the recovery key on a USB stick or external drive, encrypting the file if necessary, and avoiding cloud storage. Users should check their BitLocker settings in Windows 11 or 10 to manage their recovery keys and consider removing any keys stored in the cloud.

Winsage

January 11, 2026

I uninstalled Windows 11’s WhatsApp WebView2 and replaced it with the old native app with a new trick

WhatsApp's transition to a Chromium-based web wrapper has resulted in a significant increase in resource consumption for Windows 11 users, with RAM usage reportedly surging to 2GB, compared to less than 1GB for the older version. Users can revert to the older version, which utilizes native code and is more efficient, by following a series of steps involving enabling Developer Mode, downloading a specific package, and using PowerShell commands. The older version maintains a steady resource usage, with memory consumption peaking at 400 MB during status updates and remaining under 300 MB for general messaging. However, reverting to the older version will prevent users from receiving new updates, and it may eventually be phased out by Meta.

Winsage

January 7, 2026

Use Patch My PC Home Updater to Update Windows Apps Automatically

Patch My PC Home Updater is a tool designed for Windows 11 PCs that manages third-party application updates automatically. It scans installed applications, identifies outdated ones, and facilitates updates from a single interface without requiring sign-up or advertisements. The tool supports over 500 common applications and uses color coding to indicate app status. It pulls updates from official sources and verifies them with VirusTotal for security. Features include silent mode for background updates, scheduling for automatic updates, and basic app management capabilities such as installing new applications and bulk uninstalling programs. The updater enhances security by swiftly patching vulnerabilities and integrates with Windows Defender for comprehensive protection. Users can easily set up the tool, automate updates, and customize settings as needed.

Winsage

December 1, 2025

5 Essential Windows Apps Everyone Should Be Using In 2025

Everything is a free application from Voidtools that indexes file and folder names quickly, allowing searches of up to a million files in a minute. It can index mapped network drives and supports Boolean operators and wildcards for advanced search needs. Flow Launcher is an open-source application that serves as a quick launcher and search utility, integrating with Everything for fast file searches and allowing users to open applications, search for files, and perform calculations from a single interface. NanaZip is an open-source archive manager derived from 7-Zip, supporting various archive formats and offering faster processing times, improved encryption, dark mode, and context menu integration. Microsoft PowerToys is a suite of utilities for power users that includes tools like Command Palette, PowerRename, and FancyZones, available for free from the Microsoft Store. Ferdium is an open-source tool that consolidates web applications into a single platform, allowing users to manage multiple web apps within one window, supporting multiple instances of the same app and offering workspace management and a built-in To-do list panel.

Winsage

November 16, 2025

Install Citrix Workspace on Windows 10 or 11 with One Winget Command

Citrix Workspace can be installed on Windows 10/11 using the Windows Package Manager (Winget) with a single command, significantly simplifying the installation process. The command to install Citrix Workspace is PLACEHOLDERd82422506e45dbee, and for a silent installation, the command is PLACEHOLDER9e60d2b5a15c0a19. Winget is pre-installed on Windows 11 and available for Windows 10 (version 1809 and later). To check if Winget is installed, use the command winget --version. If not installed, Windows 10 users can install it via the Microsoft Store or download it from GitHub. To verify the installation, use PLACEHOLDER22b868ab6c66c0b5. If issues arise, commands such as PLACEHOLDER701c3ab11cb60203 or PLACEHOLDERfe806bd28c6739dc can help troubleshoot. Updating Citrix Workspace can be done with PLACEHOLDERa75655fef5d4711e. For batch deployments, a PowerShell script can be created to automate the installation across multiple machines.