If you’re still using WinRAR, you should update to version 7.12 as soon as possible. A vulnerability labeled CVE-2025-6218 was recently discovered in older versions of the popular Windows file compression tool.
The security vulnerability in question can reportedly be exploited by hackers to bypass the app’s built-in security features, increasing the risk of malware execution, reports BleepingComputer.
The issue was first reported on June 5th, 2025 through the Zero Day Initiative, and WinRAR released a fix for it with version 7.12 beta 1 on June 24th, 2025. The release also addresses two other minor issues.
“When extracting a file, previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll can be tricked into using a path, defined in a specially crafted archive, instead of user specified path,” writes WinRAR in its changelog. In other words, files could be secretly extracted to system directories and other sensitive locations, allowing hackers to execute malicious files in unwanted places.
Though there are no known instances of this exploit being attacked in the wild, you should update WinRAR immediately to stay safe.
Войдите, чтобы добавить комментарий
Другие сообщения в этой группе
I find that writing up a to-do list takes a lot of the guess work out
What if your laptop always had a 5G internet connection wherever you
Interest in Sonos’s smallest portable speaker is heating up—literally
Free alternatives may exist for Microsoft Office components, but some
E-commerce giant Amazon is now expanding its automotive business to i
