Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11WinRAR releases emergency patch for serious security vulnerability, users need to update immediately
Last week, WinRAR version 7.13 was released, fixing a directory traversal vulnerability, which is tracked as CVE-2025-8088. Thanks to researchers from ESET, we now have more details on how to exploit this vulnerability, especially since some hacker groups are actively using it for malicious purposes.
Specifically, this vulnerability lies in the core library UNRAR.dll, which is responsible for decompressing files. Hackers create a malicious compressed file that can 'trick' the software into writing files to a location of their choice instead of the folder specified by the user.
When unpacking, earlier versions of WinRAR, WinRAR on Windows, UnRAR, UnRAR portable source code and UnRAR.dll can be tricked into using a path defined in a special archive instead of a user-selected path.
According to ESET experts Anton Cherepanov, Peter Košinár, and Peter Strýček, attackers exploit this vulnerability to insert payloads into sensitive locations in the system, such as the Startup folder. By placing an executable file in %APPDATA%MicrosoftWindowsStart MenuProgramsStartup , the malicious code will automatically run when the user logs in, allowing hackers to execute code remotely on the compromised machine.
The group behind these attacks is believed to be the 'RomCom crew'. The RomCom malware is a Remote Access Trojan (RAT) that has been active since at least 2022. It uses social engineering to trick users, even impersonating popular software websites like KeePass, to trick victims into downloading the RAT installer. This hacking group has primarily targeted countries like Ukraine and some NATO members.
This is not the first time WinRAR has faced a serious security issue this year. Previously, version 7.12 patched a similar vulnerability (CVE-2025-6218) that affected WinRAR 7.11 and earlier versions.
According to Bleeping Computer, WinRAR does not have a built-in automatic update mechanism, so users must proactively access the official website to download and install version 7.13 to ensure safety. WinRAR also confirmed that the Unix versions of RAR and UnRAR, along with RAR for Android, will not be affected.
Kareem WintersYou should read it
- Users who have not updated the WinRAR patch, despite being warned, continue to take advantage of the vulnerability to insert malicious code.
- Link Download WinRAR 6.00b1: A free compression and decompression tool
- OWN A WINRAR COPYRIGHT AT AN EXTREMELY AFFORDABLE PRICE
- Detecting serious security flaws that exist for more than 19 years on WinRAR, can affect 500 million users
- How to update WinRAR to the new version quickly and effectively
- WinRAR settings automatically delete the root directory after decompressing the data
Technology story
AMD officially launches Radeon RX 7400: 28 cores, 8GB GDDR6, consumes only 55W- Google officially kills Steam on Chromebooks
- Intel is struggling with chip production capacity
- Microsoft confirms extending Edge support on Windows 10 for another three years
- Microsoft launches 'savior' Windows 365 Reserve - Cloud computer ready to replace when main PC has problem
- AOL 'kills' dial-up Internet: Farewell after more than 3 decades
AMD officially launches Radeon RX 7400: 28 cores, 8GB GDDR6, consumes only 55W
Google officially kills Steam on Chromebooks
Intel is struggling with chip production capacity
Microsoft confirms extending Edge support on Windows 10 for another three years
Microsoft launches 'savior' Windows 365 Reserve - Cloud computer ready to replace when main PC has problem
AOL 'kills' dial-up Internet: Farewell after more than 3 decades