The extensively used file compression software for Home windows, WinRAR, has simply launched model 7.13 to tackle a extreme safety vulnerability recognized as CVE-2025-8088. This flaw, discovered by ESET security researchers, particularly impacts the Home windows model of WinRAR, focusing on the UNRAR.dll library. The vulnerability permits attackers to craft malicious archive information that, when extracted by a person, trick WinRAR into writing information to a location of the attacker’s selecting as an alternative of the listing chosen by the person.
Exploitation of this vulnerability has been noticed within the wild, notably by means of phishing campaigns. Attackers have despatched emails containing specifically designed RAR archives that, when extracted, deposit executable information into delicate Home windows folders such because the Startup folder (%APPDATApercentMicrosoftWindowsStart MenuProgramsStartup). Any trojan horse positioned right here is routinely executed the following time the system begins, leading to full compromise of the affected machine. This methodology allows attackers to realize persistent entry and doubtlessly execute additional malicious actions, together with putting in distant entry trojans (RATs).
The first malware linked to exploitation of this flaw is known as RomCom, a Distant Entry Trojan (RAT) related to cybercriminals identified for social engineering assaults. These attackers disguise their malware as reputable purposes, encouraging customers to obtain and set up compromised WinRAR variations. RomCom has been noticed focusing on organizations in varied sectors, and there may be proof connecting its exploitation of CVE-2025-8088 to Russian-linked teams. Earlier assaults enabled distant code execution, information exfiltration, and deployment of additional malware payloads.
You will need to word that Unix variations of RAR and UnRAR, together with the variations for Android, aren’t affected by this vulnerability. The safety difficulty is confined to Home windows customers, and solely these with the affected variations (previous to 7.13) are in danger.
Not like some trendy software program, WinRAR doesn’t characteristic automated updates. Customers should go to the official WinRAR website and manually obtain and set up the newest model to be protected. Failure to improve leaves techniques uncovered to energetic threats.
Filed in . Learn extra about Security, Windows 10 and Windows 11.
Trending Merchandise
NETGEAR 4-Stream WiFi 6 Router (R6700AX) – AX1800 Wi-fi Pace (As much as 1.8 Gbps) | Protection as much as 1,500 sq. ft., 20 gadgets
CHONCHOW LED Keyboard and Mouse, 104 Keys Rainbow Backlit Keyboard and 7 Color RGB Mouse, White Gaming Keyboard and Mouse Combo for PC Laptop Xbox PS4 Gamers and Work
HP Portable Laptop, Student and Business, 14″ HD Display, Intel Quad-Core N4120, 8GB DDR4 RAM, 64GB eMMC, 1 Year Office 365, Webcam, RJ-45, HDMI, Wi-Fi, Windows 11 Home, Silver
