The broadly used file compression device for Home windows, WinRAR, has simply launched model 7.13 to tackle a extreme safety vulnerability recognized as CVE-2025-8088. This flaw, discovered by ESET security researchers, particularly impacts the Home windows model of WinRAR, concentrating on the UNRAR.dll library. The vulnerability permits attackers to craft malicious archive information that, when extracted by a person, trick WinRAR into writing information to a location of the attacker’s selecting as an alternative of the listing chosen by the person.
Exploitation of this vulnerability has been noticed within the wild, notably by phishing campaigns. Attackers have despatched emails containing specifically designed RAR archives that, when extracted, deposit executable information into delicate Home windows folders such because the Startup folder (%APPDATApercentMicrosoftWindowsStart MenuProgramsStartup). Any bug positioned right here is routinely executed the subsequent time the system begins, leading to full compromise of the affected machine. This methodology permits attackers to achieve persistent entry and probably execute additional malicious actions, together with putting in distant entry trojans (RATs).
The first malware linked to exploitation of this flaw is named RomCom, a Distant Entry Trojan (RAT) related to cybercriminals identified for social engineering assaults. These attackers disguise their malware as reliable purposes, encouraging customers to obtain and set up compromised WinRAR variations. RomCom has been noticed concentrating on organizations in varied sectors, and there’s proof connecting its exploitation of CVE-2025-8088 to Russian-linked teams. Earlier assaults enabled distant code execution, information exfiltration, and deployment of additional malware payloads.
You will need to word that Unix variations of RAR and UnRAR, together with the variations for Android, are usually not affected by this vulnerability. The safety challenge is confined to Home windows customers, and solely these with the affected variations (previous to 7.13) are in danger.
Not like some trendy software program, WinRAR doesn’t function computerized updates. Customers should go to the official WinRAR website and manually obtain and set up the most recent model to be protected. Failure to improve leaves methods uncovered to lively threats.
Filed in . Learn extra about Security, Windows 10 and Windows 11.
Trending Merchandise
Wi-fi Keyboard and Mouse Combo, 2.4G Silent Cordless Keyboard Mouse Combo for Home windows Chrome Laptop computer Laptop PC Desktop, 106 Keys Full Measurement with Quantity Pad, 1600 DPI Optical Mouse (Black)
TP-Hyperlink AX5400 WiFi 6 Router (Archer AX73)- Twin Band Gigabit Wi-fi Web Router, Excessive-Pace ax Router for Streaming, Lengthy Vary Protection, 5 GHz
NETGEAR Nighthawk WiFi 6 Router (RAX43) – Security Features, 5-Stream Dual-Band Gigabit Router, AX4200 Wireless Speed (Up to 4.2 Gbps), Covers up to 2,500 sq.ft. and 25 Devices
TP-Hyperlink AC1200 Gigabit WiFi Router (Archer A6) – Twin Band MU-MIMO Wi-fi Web Router, 4 x Antennas, OneMesh and AP mode, Lengthy Vary Protection
