Search
WinRAR has issued a critical update to address the CVE-2025-8088 vulnerability, which impacts versions prior to 7.13. This flaw, classified as a directory traversal issue, resides within the RAR extraction component on Windows platforms, including the UnRAR tool and dynamic link libraries. By exploiting this vulnerability, attackers can manipulate the file extraction path, thereby planting malicious files in critical system directories, notably the Windows startup folder, allowing for persistent system access. Notably, Unix-based and Android versions of RAR are unaffected by this vulnerability. WinRAR officials strongly advise users to promptly upgrade to version 7.13 or later to safeguard their system security. As WinRAR lacks an automatic update mechanism, users must proactively visit the official website to download and install the latest version.
-
C114 Communication Network -
Communication Home
