Still using WinRAR? It has a worrying security flaw that could let hackers hijack your Windows device

LovabledanielsApril 7, 202541 Views

Security researchers uncover new flaw in WinRAR
The flaw allowed threat actors to bypass Mark of the Web and deploy malware to Windows devices without warning
WinRAR released a new version to fix the bug, so update now

Experts have uncovered a flaw in WinRAR which could allow threat actors to bypass the Mark of the Web (MotW) and deploy malware on people’s computers.

The vulnerability was discovered by Japanese researcher Shimamine Taihei from the Mitsui Bussan Secure Directions, and is now tracked as CVE-2025-31334, and was given a severity score of 6.8/10 (medium).

MotW is a security mechanism that displays a warning when an executable file is downloaded from the internet. It is built into Windows and serves as an additional layer of security, warning people that files downloaded from the internet might be dangerous – however, there is a way to work around the warning when a file is shared in an archived format.

Symlink

“If symlink pointing at an executable was started from WinRAR shell, the executable Mark of the Web data was ignored,” WinRAR explained the vulnerability.

A symlink (short for symbolic link) is a shortcut or alias to a file or folder. Instead of copying a file, a symlink just points to it. Therefore, a hacker could create a symlink pointing to an executable with MotW, and if a victim runs it, the MotW wouldn’t show.

The vulnerability was found in all older versions of WinRAR, and it was addressed in version 7.11, which is now available for download.

Ever since Mark of the Web was introduced, cybercriminals have been looking for different ways to bypass it and deliver malware without warning.

In late January 2025, 7-Zip patched a major flaw that enabled just that. It is tracked as CVE-2025-0411 and was given a high severity score, 7/10. Earlier still, in 2022, researchers found a password-protected .ZIP file with an .ISO file inside that was able to bypass MotW.

To mitigate the risk, users should always keep their archivers up to date, and be vigilant when downloading files from the internet.

Via BleepingComputer

Weekly update

ICJ hearing on Israel’s obligation to allow aid to Palestine: Key takeaways | Israel-Palestine conflict News

Beyoncé’s Cowboy Carter Tour: Review

US asks judge to break up Google’s ad tech business

Weekly Newsletter

Still using WinRAR? It has a worrying security flaw that could let hackers hijack your Windows device

Leave a comment

Leave a Reply Cancel reply

Explore more

Beyoncé’s Cowboy Carter Tour: Review

US asks judge to break up Google’s ad tech business

Australia’s election will show if PM Anthony Albanese has won back voters | Elections News

Olympic Sprinter Fred Kerley Arrested For Battery In South Florida

We just got another big hint that the Samsung Galaxy S25 FE is on the way

You won’t believe what 700+ projectors and AI can do in Abu Dhabi’s new immersive art world

ICYMI: the 8 biggest tech stories of the week, from ChatGPT’s shopping upgrade to GTA 6 delays

When the school bell rings, the bandwidth drops: How post-15:40 internet surges affect UK broadband quality

Get to Know Us

Let's keep in touch