Critical Security Flaw Discovered in WinRAR for Windows

A significant security vulnerability has been identified in the Windows version of WinRAR, a popular file compression tool. This flaw enables attackers to execute malicious code by exploiting the way WinRAR handles file extraction paths.

The developers of WinRAR have announced a beta update, version 7.12b1, aimed at addressing this security issue. According to the developers, the vulnerability arises when extracting files, allowing the software to utilize a path specified within a manipulated archive instead of the path provided by the user. This allows malicious actors to redirect processes to unintended directories, thereby executing harmful code in the context of the affected user.

Security researchers from Trend Micro's Zero-Day Initiative have provided a more detailed analysis of the vulnerability, which has been assigned the identifier CVE-2025-6218. The severity of this flaw has been rated high, with a CVSS score of 7.8, highlighting the potential risk it poses to users.

Importantly, the issue only affects the Windows iterations of WinRAR. The Unix versions, as well as the RAR, UnRAR, and portable UnRAR components, along with the UnRAR library and RAR for Android, are not impacted by this vulnerability.

In addition to this critical fix, the beta version addresses further security concerns. Previously, when generating reports, the software allowed unfiltered filenames to be included in the HTML report files. This security oversight could enable the insertion of unsafe HTML tags. The updated version resolves this by replacing specific characters used in HTML tags with safer string representations.

The beta version can be found on the WinRAR download page, though it is somewhat inconspicuous among the list of available files. Users are encouraged to download the beta, but it will be removed once the final version, WinRAR 7.12, is released.

This is not the first time security issues have been addressed in WinRAR. The previous version, 7.11, also included a fix for a vulnerability that involved symbolic links, which could have prevented Windows from displaying appropriate warnings when executing potentially dangerous files downloaded from the internet.