This popular Windows software used by millions has a serious security vulnerability - here's what you need to know

News
By published

Flaw allows hackers access to system locations, such as the Windows Startup folder

Caution sign data unlocking hackers. Malicious software, virus and cybercrime, System warning hacked alert, cyberattack on online network, data breach, risk of website
(Image credit: sarayut Thaneerat/ via Getty Images)
  • WinRAR flaw let crafted archives drop files outside target folder, including into Windows Startup
  • New version 7.12 addresses critical path and HTML vulnerabilities
  • Windows users urged to update WinRAR for improved file safety

Iconic file archiving tool WinRAR has received a security update addressing a serious flaw that could let attackers run arbitrary code on affected systems.

The vulnerability, tracked as CVE-2025-6218, was identified in the way WinRAR handles file paths within archives.

It was discovered by a researcher known as whs3-detonator, working with Trend Micro’s Zero Day Initiative.

Patch now

The issue exists in Windows versions of WinRAR, where a specially crafted archive can exploit path traversal during file extraction.

If a user opens such a file or visits a malicious site, the exploit can allow files to be placed in unintended directories, including sensitive ones like the Windows Startup folder.

This could cause malicious software to run automatically when the system boots.

RARLAB, the developer of WinRAR, has released version 7.12 to address this flaw.

The vulnerability does not affect versions of RAR or UnRAR for Unix or Android. Users are urged to update as soon as possible to reduce the risk of exploitation.

To stay protected from threats like this, it’s important to use the best antivirus software, reliable malware removal tools, and strong endpoint protection. Even well-known tools can have flaws, so running trusted security software and keeping all apps current helps reduce the risk of malware slipping through unnoticed.

The new WinRAR update also fixes an unrelated issue involving the “Generate Report” feature. In older versions, file names in generated HTML reports weren’t sanitized properly, which allowed basic HTML injection. That has now been corrected.

In addition to the security fixes, WinRAR 7.12 now tests recovery volumes during archive testing, giving users better confirmation that backup files are intact. It also preserves precise nanosecond timestamps when modifying Unix files on Windows.

You might also like

Wayne Williams
Wayne Williams
Editor

Wayne Williams is a freelancer writing news for TechRadar Pro. He has been writing about computers, technology, and the web for 30 years. In that time he wrote for most of the UK’s PC magazines, and launched, edited and published a number of them too.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.