News

Patch Now: New WinRAR Flaw Used to Deliver Malware

News Room
News Room

Security researchers have discovered a new flaw in WinRAR that was recently exploited to spread malware through phishing emails. 

The flaw, CVE-2025-8088, can be harnessed through maliciously crafted archive files, according to BleepingComputer, which first reported on the vulnerability. 

Normally, WinRAR is supposed to extract files from an archive to the user’s specified path. But through the flaw, it looks like a booby-trapped file can extract the data to a hacker-selected path, creating a way to execute rogue computer code on a victim’s machine, including Windows PCs running WinRAR.

Three researchers at antivirus provider ESET discovered the vulnerability. Although details are thin, the company told PCMag it’s “observed spearphishing emails with attachments containing RAR files. These archives exploited the CVE-2025-8088 to deliver RomCom backdoors. RomCom is a Russia-aligned group.” Past versions of RomCom malware can steal sensitive data and install other malicious payloads.

The good news is that WinRAR patched the vulnerability last week with version 7.13 Final. Unfortunately, the popular file-archiving tool doesn’t feature an auto-update mechanism. So it’ll be up to users to manually download and install the new version to receive protection, otherwise they’ll remain at risk. 

Recommended by Our Editors

In the release notes, WinRAR said the problem affects “previous versions of WinRAR, Windows versions of RAR, UnRAR, portable UnRAR source code and UnRAR.dll.” However, Unix versions of RAR, UnRAR, portable UnRAR source code and UnRAR library, and RAR for Android, are not affected.

As a free archive utility, WinRAR has attracted over 500 million users. In June, WinRAR also patched a separate flaw that could be exploited through booby-trapped archive files as well.

PCMag Logo

OpenAI Debuts GPT-5 Model During OpenAI’s Summer Update Event



Newsletter Icon

Get Our Best Stories!

Stay Safe With the Latest Security News and Updates


SecurityWatch Newsletter Image

Sign up for our SecurityWatch newsletter for our most important privacy and security stories delivered right to your inbox.

By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy.

Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

About Michael Kan

Senior Reporter

Michael Kan

I’ve been working as a journalist for over 15 years—I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017.

Read Michael’s full bio

Read the latest from Michael Kan

Share This Article
Previous Article Ex-NSA Chief Paul Nakasone Has a Warning for the Tech World
Next Article Streamex Unleashes Gold-Tokenization Strategy Poised To Shake Global Markets And Redefine NASDAQ | HackerNoon
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Stay Connected

Latest News

Amy Bradley’s brother reveals ‘evidence that proves truth’ about disappearance
News
iOS 26: Here’s What You Can Do With Apple’s New Games App
News
NIO Capital raises new RMB 3 bln fund despite cooling VC climate · TechNode
Computing
Today's NYT Mini Crossword Answers for Aug. 9 – CNET
News
Lost your password?