In case you’re nonetheless utilizing WinRAR, you need to replace to model 7.12 as quickly as potential. A vulnerability labeled CVE-2025-6218 was just lately found in older variations of the favored Home windows file compression device.
The safety vulnerability in query can reportedly be exploited by hackers to bypass the app’s built-in safety features, rising the danger of malware execution, studies BleepingComputer.
The problem was first reported on June fifth, 2025 by the Zero Day Initiative, and WinRAR launched a repair for it with model 7.12 beta 1 on June twenty fourth, 2025. The discharge additionally addresses two different minor points.
“When extracting a file, earlier variations of WinRAR, Home windows variations of RAR, UnRAR, moveable UnRAR supply code and UnRAR.dll could be tricked into utilizing a path, outlined in a specifically crafted archive, as a substitute of person specified path,” writes WinRAR in its changelog. In different phrases, recordsdata could possibly be secretly extracted to system directories and different delicate areas, permitting hackers to execute malicious recordsdata in undesirable locations.
Although there aren’t any recognized situations of this exploit being attacked within the wild, you need to replace WinRAR instantly to remain secure.
This text initially appeared on our sister publication PC för Alla and was translated and localized from Swedish.
