Still using WinRAR? It has a worrying security flaw that could let hackers hijack your Windows device

LovabledanielsApril 7, 202547 Views

Security researchers uncover new flaw in WinRAR
The flaw allowed threat actors to bypass Mark of the Web and deploy malware to Windows devices without warning
WinRAR released a new version to fix the bug, so update now

Experts have uncovered a flaw in WinRAR which could allow threat actors to bypass the Mark of the Web (MotW) and deploy malware on people’s computers.

The vulnerability was discovered by Japanese researcher Shimamine Taihei from the Mitsui Bussan Secure Directions, and is now tracked as CVE-2025-31334, and was given a severity score of 6.8/10 (medium).

MotW is a security mechanism that displays a warning when an executable file is downloaded from the internet. It is built into Windows and serves as an additional layer of security, warning people that files downloaded from the internet might be dangerous – however, there is a way to work around the warning when a file is shared in an archived format.

Symlink

“If symlink pointing at an executable was started from WinRAR shell, the executable Mark of the Web data was ignored,” WinRAR explained the vulnerability.

A symlink (short for symbolic link) is a shortcut or alias to a file or folder. Instead of copying a file, a symlink just points to it. Therefore, a hacker could create a symlink pointing to an executable with MotW, and if a victim runs it, the MotW wouldn’t show.

The vulnerability was found in all older versions of WinRAR, and it was addressed in version 7.11, which is now available for download.

Ever since Mark of the Web was introduced, cybercriminals have been looking for different ways to bypass it and deliver malware without warning.

In late January 2025, 7-Zip patched a major flaw that enabled just that. It is tracked as CVE-2025-0411 and was given a high severity score, 7/10. Earlier still, in 2022, researchers found a password-protected .ZIP file with an .ISO file inside that was able to bypass MotW.

To mitigate the risk, users should always keep their archivers up to date, and be vigilant when downloading files from the internet.

Via BleepingComputer

Weekly update

Spain says ‘overvoltage’ caused huge April blackout

Trump says he won’t ‘waste time’ calling Minnesota governor after slayings | Donald Trump News

You can now create ChatGPT AI images using WhatsApp and it’s ridiculously easy to do – here’s how

Weekly Newsletter

Still using WinRAR? It has a worrying security flaw that could let hackers hijack your Windows device

Leave a comment

Leave a Reply Cancel reply

Explore more

Trump says he won’t ‘waste time’ calling Minnesota governor after slayings | Donald Trump News

You can now create ChatGPT AI images using WhatsApp and it’s ridiculously easy to do – here’s how

The Middle East is a major flight hub. How do airlines keep passengers safe during conflict?

A key Asus Windows tool has a worrying security flaw – here’s how to stay safe

A new tool predicts when users will reject a new technology

This futuristic dual-screen laptop looks incredible, but one disappointing flaw might ruin it for power users

Two-actuator robot combines efficient ground rolling and spinning flight in one design

How LLM architecture and training data shape AI’s position bias

Get to Know Us

Let's keep in touch