Huge security vulnerability found in Winrar

  • Thread starter: linuxares
More News about WinRAR again.


Here's Yet Another Serious Reason to Stop Using WinRAR


https://www.makeuseof.com/stop-using-winrar-update-immediately



It's 2025, and WinRAR has a security vulnerability that could help a hacker take control of your system. While most folks have stopped using WinRAR in favor of other archive tools, if you have WinRAR on your system, you need to update it immediately.

Using WinRAR Can Get You Hacked

WinRAR has a security vulnerability that can help a hacker bypass MotW (Mark of the Web) security warnings in all versions of the program before 7.11. The vulnerability has been named CVE-2025-31334 (Was CVE-2024-31334) and received a medium-severity score of 6.8 out of 10.


MotW stands for Mark of the Web. It's a security mechanism built into Windows that uses file metadata to flag potentially harmful files you may have downloaded from the internet. This results in the User Account Control (UAC) permission boxes you see before running a file asking you to confirm that you're allowing an app to make changes to your device.

Thankfully, the issue is fixed in WinRAR's 7.11 update. WinRAR's patch notes explain the vulnerability as:

A symlink pointing at an executable was started from the WinRAR shell, the executable Mark of the Web data was ignored.

A symlink or symbolic link is a shortcut to another file or folder. To exploit this vulnerability, an attacker could craft a malicious symbolic link and have it run malicious code on a target's PC. Symlinks can only be created with administrator permissions, though.

The bug was reported by Shimamine Taihei of Mitsui Bussan Secure Directions through the Information Technology Promotion Agency (IPA) in Japan. The country's Computer Security Incident Response Team (JPCERT/CC) then passed on this information to WinRAR's developers under the Information Security Early Warning Partnership.


Starting with version 7.10, WinRAR also lets you remove the alternate data stream information like location, IP address of the archiving device, and so on, which can be considered a privacy concern. However, MotW uses this alternate stream of data to flag files.


It's Time to Move On From WinRAR

WinRAR was once one of the most popular archiving tools for Windows and still claims to be the "world's most popular compression tool" with over 500 million users, according to the official WinRAR website. It used to be a Windows exclusive but has since launched for Linux, macOS, and even Android. That said, the Linux and macOS versions are command line only.

However, with Windows 11 now natively supporting almost a dozen archive formats, including RAR, 7z, ISO, and TAR, among others, programs like WinRAR have become obsolete for most users, and there are many alternatives. Additionally, WinRAR is a paid tool, meaning you need to dish out an additional $29 for a license.


This isn't the first major WinRAR vulnerability, either. In 2019, WinRAR patched a serious issue that allowed hackers to disguise ACE files as RAR ones, potentially slipping malware onto your system. This was fixed in WinRAR versions 5.70 and above. Another WinRAR vulnerability in 2023 allowed hackers to run malicious code on your system when you opened a zipped file. The issue was reported by Google's Threat Analysis Group (TAG) and subsequently patched in 2023 with versions 6.23 and 6.24.




************


I no longer use WinRAR now that I'm on Windows 11. I've used 7-zip since I got a new computer with Windows 11 in November 2023. B-)

My old computers with Windows XP and 7 did have 7-zip, WinRAR and WinZip programs installed before. Oh man! :blink:
 
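Added example (not part of any post in this thread or of the quoted article): the Mark of the Web metadata the article describes is stored in an NTFS alternate data stream named Zone.Identifier. This Python code parses a constructed sample of that stream, reports the zone, and shows that dropping the URL and IP fields while keeping ZoneId leaves the file flagged; which fields WinRAR 7.10 actually removes is assumed here, not taken from the page.

```python
import configparser

# Windows URL security zones as stored in the ZoneId field.
ZONES = {0: "Local Machine", 1: "Local Intranet", 2: "Trusted Sites",
         3: "Internet", 4: "Restricted Sites"}

# Constructed sample stream content (not taken from a real download).
SAMPLE_STREAM = (
    "[ZoneTransfer]\r\n"
    "ZoneId=3\r\n"
    "ReferrerUrl=https://downloads.example/page\r\n"
    "HostUrl=https://downloads.example/tool.zip\r\n"
    "HostIpAddress=192.0.2.10\r\n"
)

def parse_motw(stream_text):
    """Return the [ZoneTransfer] fields as a dict, or None if absent or malformed."""
    parser = configparser.ConfigParser(interpolation=None, delimiters=("=",), strict=False)
    parser.optionxform = str  # keep field names case-sensitive
    try:
        parser.read_string((stream_text or "").lstrip("\ufeff"))
    except configparser.Error:
        return None
    if not parser.has_section("ZoneTransfer"):
        return None
    return dict(parser["ZoneTransfer"])


def zone_of(fields):
    """Return (zone_id, zone_name); a missing or non-numeric ZoneId gives (None, 'Unknown')."""
    try:
        zone_id = int((fields or {}).get("ZoneId", ""))
    except ValueError:
        return None, "Unknown"
    return zone_id, ZONES.get(zone_id, "Unknown")


def is_untrusted(stream_text):
    """True when the mark places the file in the Internet or Restricted Sites zone."""
    zone_id, _ = zone_of(parse_motw(stream_text))
    return zone_id in (3, 4)


def strip_private_fields(stream_text):
    """Rebuild the stream with ZoneId only, dropping URL and IP address fields (assumed set)."""
    fields = parse_motw(stream_text)
    if not fields or "ZoneId" not in fields:
        return None
    return "[ZoneTransfer]\r\nZoneId=%s\r\n" % fields["ZoneId"]
```

On an NTFS volume the stream text can be read by opening the file's path with `:Zone.Identifier` appended.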
I want to love this so much. Do you use it on Windows? Because I've had so many issues with basic drag & drop. I love the smart extracting thing that doesn't put duplicate folders.
And I guess it was a bug, but I remember being able to click on some menus to put the archive in the bin even if I'm still navigating through it, it was a huge convenience but last time I tried it wasn't working anymore.

Right now I'm using Nanazip, but 7-Zip is goated, and I might get back to it (I always do)

Maybe I'll give Peazip another try .....
 
Nay, I use Linux. I think Nanazip is better for Windows.

EDIT: Peazip uses 7zip but is a graphical interface. Plus it's got its own compression.
 
I don't know why WinRAR still doesn't have an update checker

users just end up still running really old versions after years because it doesn't tell you when there are updates, even really important updates like this
 