Home » Technology » Caution: WinRAR error bypasses Windows security warnings

Caution: WinRAR error bypasses Windows security warnings

1 week ago Joshua Bato

A critical security gap in the popular pack program WinRAR enables attackers to avoid a central Windows protection function. So there is the possibility to carry out unnoticed manipulations. All versions are affected before 7.11.

Dangerous vulnerability discovered in WinRAR

The Weak point CVE-2025-31334 undermines the “Mark of the Web” (Motw) protection, which characterizes files downloaded from the Internet as potentially dangerous. With a special constellation with symbolic links, the warning is not displayed when opening so that users can fall into a trap without noticing it.

In WinRAR versions before 7.11 there is a problem that deals with the safety warning function ‘Mark of the Web’ for files when a symbolic link is opened that refers to a executable file. If a symbolic link specially created by an attacker is opened on the affected product, any code can be executed. CVE-2025-31334

Medium risk with high damage potential

According to the bleeping computer the weak point received a CVSS score of 6.8 and was therefore classified as a medium risk. This is because for the creation of symbolic links under Windows Administrator Rights, which makes it difficult to attack.

Not the first Motw bypass

The safety gap by Shimamine Taihei from Mitsui Bussan Secure Directions, which was reported via the Japanese IPA, was discovered. Bypasses of the Motw mechanism are not new. At the beginning of 2025 it was announced that Hacker exploited a similar weak point in the 7-Zip program to distribute malware. WinRAR also had to struggle with such problems before.

The Mark of the web mechanism from Microsoft, active since 1997, marks downloaded files and triggers security warnings that offer additional protection. WinRAR 7.11 not only fixes this weak point, but also offers improvements in the handling of CAB archives and fixes various mistakes. Since version 7.10, certain motw information can also be removed that are considered a data protection risk.

Immediate update recommended

There is still good news for users: there is currently no evidence of active use of this weak point. All WinRAR users should immediately update version 7.11 to protect themselves.

Tags: , , , , , ,

More Stories

TSMC Could Face Billions Of Fine For Developing Huawei AI Chip

3 days ago Amit Gohar

The Smartphone Sensor Revolution: Outperforming Traditional Antimatter Detection

3 days ago Amit Gohar

Trump Warns TSMC: Build in the U.S. or Face Up to 100% Penalty Taxes

7 days ago Yasir Zeb

Leave a Reply

Today’s Latest

What AI Consulting Services Can Do for Your Digital Transformation

19 hours ago Alexia Hope

Clients Who Regret DIY Design — and the Fixes That Saved Their Sites

19 hours ago Alexia Hope

Why Are Our Santa Cruz Moving Services The Best For Residential Moves?

20 hours ago Alexia Hope

Nintendo Switch 2: Retro Remaster Revolution Still a Major Selling Point

20 hours ago Alexia Hope

Samsung Halts One UI 7 Rollout After Critical Bugs Surface

1 day ago Yasir Zeb
eLearning

Learn Chinese the Smart Way: Your Step-by-Step Guide to Success with Migaku

1 day ago Alexia Hope

Parent’s Guide to Finding Reliable Educational Help Online

1 day ago Alexia Hope

Android 15 To Eat More RAM And Memory Google Updates Requirements

2 days ago Amit Gohar

Oppo Takes Agentic AI Initiative at Google Cloud Next 2025

2 days ago Joshua Bato

META To Train Its AI On Europe’s Users Data

2 days ago Yasir Zeb