Windows News
Windows 11's latest major update introduces support for cutting-edge compression formats while simultaneously exposing new security vulnerabilities that users need to understand. This dual-edged development represents Microsoft's ongoing balancing act between innovation and protection in the modern computing landscape.
The New Compression Format Landscape
Microsoft has significantly expanded Windows 11's native compression capabilities with support for:
- Zstandard (zstd): A real-time compression algorithm developed by Facebook that offers better ratios than ZIP
- Libarchive integration: An open-source library supporting 7z, RAR, TAR, and ISO formats natively
- Improved LZMS compression: Microsoft's proprietary format now with better multi-threading
These additions finally bring Windows up to par with third-party tools like 7-Zip and WinRAR for most common archive formats. The implementation uses a new compression API in Windows 11 version 23H2 that allows Explorer to handle these formats without additional software.
Performance Benchmarks
Early testing shows impressive results:
| Format | Compression Speed | Decompression Speed | Ratio |
|---|---|---|---|
| Zstd | 480 MB/s | 550 MB/s | 2.87:1 |
| 7z | 220 MB/s | 350 MB/s | 3.15:1 |
| ZIP | 150 MB/s | 400 MB/s | 2.1:1 |
These benchmarks demonstrate why Microsoft prioritized adding these formats - zstd in particular offers near-ZIP speeds with significantly better compression.
The Security Trade-off
However, the libarchive integration has exposed several concerning vulnerabilities:
- CVE-2023-30571: Heap buffer overflow in RAR5 parsing
- CVE-2023-30572: Directory traversal vulnerability in TAR extraction
- CVE-2023-30573: Integer overflow in 7z decompression
Microsoft has acknowledged these issues in their security bulletin MSRC-63542, rating them as "Important" rather than "Critical." The vulnerabilities primarily affect:
- Enterprise environments processing untrusted archives
- Users downloading archives from questionable sources
- Systems without proper antivirus protection
Mitigation Strategies
To safely use these new features, security experts recommend:
- Immediate patching: Install KB5031455 which addresses these CVEs
- Controlled folder access: Enable this Windows Defender feature
- Sandboxing: Use Windows Sandbox for suspicious archives
- Network protection: Block known malicious archive hosts
The Future of Windows Compression
Microsoft's compression roadmap suggests even more changes coming:
- Potential deprecation of legacy CAB format
- Experimental support for the new LZ4 algorithm
- Cloud-integrated compression for OneDrive files
This update represents a significant step forward in making Windows 11 more capable out of the box, but users must remain vigilant about the security implications. The inclusion of complex parsing code for numerous formats inevitably expands the attack surface that malware authors can target.
Best Practices for Users
To safely enjoy these new capabilities:
- Always keep Windows updated
- Verify archive sources before opening
- Consider maintaining your preferred third-party archiver as backup
- Monitor for unusual system behavior after handling archives
- Educate less technical users about the risks
Microsoft's approach reflects the modern computing reality - every new feature brings both convenience and potential risk. The company appears committed to quickly addressing security concerns while continuing to modernize Windows' core capabilities.