Ever since Windows 11 added native support for the RAR archive format, there has been little reason to download, or buy, WinRAR separately. But if you have been a user of the software for years, now is as good a time as any to update it: a flaw in WinRAR has been found being exploited in the wild.
According to the entry in the US National Institute of Standards and Technology's vulnerability database, the flaw was discovered by ESET researchers Anton Cherepanov, Peter Košinár and Peter Strýček. Tracked as CVE-2025-8088, it is a path traversal vulnerability: attackers exploit it by crafting archive files whose contents land in locations the user never chose. Crucially, this sidesteps the destination folder the user specifies when extracting the archive, so the files end up wherever the attacker intended.

This means that a malicious archive can drop files straight into a Windows Startup folder. As the name suggests, anything placed there is launched automatically once Windows is up and the user logs on, whether after a restart or a cold boot, so a single extraction is enough to get attacker-supplied code running at the next logon.
Worth noting is that this affects not just WinRAR for Windows but also the related command-line tools RAR and UnRAR. A fix has already been released, as version 7.13 Final, which came out on 30 July. But because WinRAR does not update itself automatically, users have to download and install the new version manually. The Android and Unix versions are noted to be unaffected.
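Because the update is manual, the practical check is whether the copies of WinRAR, Rar and UnRAR on a machine are still older than 7.13, and whether anything unexpected has appeared in the Startup folders the article describes. The PowerShell below is an added example written for this page, not code from the article, from TechSpot or from RARLAB. It assumes a default installation under Program Files (other install paths are not covered), that the file's ProductVersion reflects the installed release, and that a Startup entry modified within the last $RecentDays days is worth a second look; all three are assumptions, not facts stated in the article.

```powershell
# Added example, not from the article or from RARLAB.
# 1) Compare installed WinRAR/Rar/UnRAR binaries against the fixed 7.13 release.
# 2) List recently modified entries in both Startup folders, since that is where
#    the article says a malicious archive can drop files.
# Assumption: default install under Program Files; ProductVersion is reliable.
param([int]$RecentDays = 30)

$fixed = [version]'7.13'

# Both 64-bit and 32-bit Program Files roots, skipping any that are unset.
$roots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}) | Where-Object { $_ }
$candidates = foreach ($root in $roots) {
    foreach ($exe in 'WinRAR.exe', 'Rar.exe', 'UnRAR.exe') {
        Join-Path $root "WinRAR\$exe"
    }
}

foreach ($path in $candidates) {
    if (-not (Test-Path -LiteralPath $path)) { continue }
    $raw = (Get-Item -LiteralPath $path).VersionInfo.ProductVersion
    # ProductVersion can carry a trailing tag; keep only the leading dotted number.
    $ver = [version](($raw -split '[^0-9.]')[0])
    $state = if ($ver -lt $fixed) { 'VULNERABLE: update to 7.13 or later' } else { 'ok' }
    "{0}`t{1}`t{2}" -f $path, $ver, $state
}

# Anything in a Startup folder runs at logon, so review what was written recently.
$cutoff = (Get-Date).AddDays(-$RecentDays)
$startupDirs = @(
    [Environment]::GetFolderPath('Startup'),        # per-user Startup folder
    [Environment]::GetFolderPath('CommonStartup')   # all-users Startup folder
)
foreach ($dir in $startupDirs) {
    Get-ChildItem -LiteralPath $dir -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.LastWriteTime -gt $cutoff } |
        Select-Object FullName, LastWriteTime, Length
}
```

Run it from an elevated prompt if you want the all-users Startup folder and the Program Files binaries to be readable on a locked-down machine. A clean result here only says the default install paths are patched and nothing new sits in Startup; a portable WinRAR or a copy of UnRAR bundled elsewhere would need its own check.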
(Source: NIST, CVE database via TechSpot)