Provide an update as soon as you can. A significant flaw has been found in this well-known Windows application
WinRAR, a popular archiving application on the Windows operating system, has a serious flaw that a researcher has found. The way this program manages file paths inside compressed files is impacted by this problem. A malicious file may use this vulnerability to insert other files into sensitive system folders, like the Windows Startup folder.
TechRadar claims that the vulnerability (known as CVE-2025-6218) was found by a researcher going by the name whs3-detonator. He clarifies that a user may unknowingly run harmful software if they open one of these files or visit a malicious website. This would make it possible for the malware to start up the next time the computer is turned on.
The Unix or Android versions of WinRAR are unaffected by this problem, which is limited to the Windows version. Update 7.12 has been released by WinRAR developer RARLAB to fix this security vulnerability. The latest version also includes enhancements like the ability to confirm recovery volumes when testing compressed files.
In addition to maintaining more precise timestamps when altering Unix files on Windows, this helps to better assure the authenticity of backups. As a result, we advise installing the most recent antivirus software to safeguard our devices and updating WinRAR as soon as possible to reduce the possibility of an attacker taking advantage of this vulnerability.