If you’re still using WinRAR, you should update to version 7.12 as soon as possible. A vulnerability labeled CVE-2025-6218 was recently discovered in older versions of the popular Windows file compression tool.
The security vulnerability in question can reportedly be exploited by hackers to bypass the app’s built-in security features, increasing the risk of malware execution, reports BleepingComputer.
The issue was first reported on June 5th, 2025 through the Zero Day Initiative, and WinRAR released a fix for it with version 7.12 beta 1 on June 24th, 2025. The release also addresses two other minor issues.
“When extracting a file, previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked into using a path, defined in a specially crafted archive, instead of user specified path,” writes WinRAR in its changelog. In other words, files could be secretly extracted to system directories and other sensitive locations, allowing hackers to execute malicious files in unwanted places.
Though there are no known instances of this exploit being attacked in the wild, you should update WinRAR immediately to stay safe.
Login to add comment
Other posts in this group
If you’re like me, you’re going to take your laptop everywhere you go
Welcome to this week’s issue of The Full Nerd newsletter—your weekly
There’s a certain peace of mind that comes from being able to see who
If you’re going to splurge on something this Prime Day, it might as w
I hunt for deals all day long, especially now, ahead of Prime Day, bu
