A critical vulnerability (CVE-2025-8088, CVSS 8.8) in WinRAR is being actively exploited by threat actors. The flaw allows malicious archive files to bypass security checks and execute arbitrary code on Windows systems.

Affected

WinRAR versions up to 7.12

Fixed in: WinRAR 7.13 (released July 30, 2025)

What you should do?

Update WinRAR immediately to version 7.13

Avoid opening suspicious archive files (.rar/.zip)

Ensure antivirus/EDR scanning is enabled

Stay protected – apply the patch now and share this alert within your network.