If you still use Winrar, you must update version 7.12 as soon as possible. A vulnerability labeled CVE-2025-6218 was recently discovered in the old versions of the popular Windows file compression tool.
The vulnerability of security in question could be used by hackers to bypass the integrated safety functionality of the application, increasing the risk of execution of malware, reports BleepingCompute.
The number was reported for the first time on June 5, 2025 on the Zero Day initiative, and Winrar published a corrective with version 7.12 BETA 1 on June 24, 2025. The press release also addresses two other minor problems.
“During the extraction of a file, previous versions of Winrar, the Windows versions of Rar, Unrar, Portable Source Code Unrar and Unrar.dll may have to use a path, defined in an archive specially designed, instead of a path specified by the user”, writes Winrar in his Changelog. In other words, the files could be extracted secretly in system directories and other sensitive locations, allowing hackers to run malware in unwanted places.
Although there is no known case of this feat attacked in the wild, you must update Winrar immediately to stay safe.
This article originally appeared on our publication Sister PC För Alla and was translated and located in Swedish.
