A new vulnerability emerged in Winrar, a completely unqualified Winrar, which everyone used again.
Open discovered by Shimamine Taihei from Japan -based Mitsui Busan Secure Directions, allows the attackers to infect the users’ computers by skipping Windows’s “Mark of the Web” (Motw) security device.
It is recommended that you update your winrars
This deficit, which is followed with the code CV-2025-31334, is currently evaluated with a mid-level threat score (6.8/10). As it is known, MOTW warns users about potential hazards by adding a security label to the executed documents downloaded from the internet, but it can neutralize this security layer through these open, archived documents in Winrar.
The basis of the deficit lies symbolic relationships. These relationships seem in a form with invalid names of documents or folders, but instead of creating a copy of the real document, it deceives only the user. When the attackers create a symbolic contact to a executive document with Motw label, the sacrifice does not show Windows security warning if it runs this relationship.
Winrar developers announced that they have been released in the new update 7.11, but many people continue to use the old versions of Winrar. For this reason, the company recommends that users get to the latest version.
