Still using WinRAR? It has a worrying security flaw that could let hackers hijack your Windows device
Date:
Mon, 07 Apr 2025 16:28:00 +0000
Description:
A WinRAR patch was recently released to address the medium-severity vulnerability.
FULL STORY
======================================================================
- Security researchers uncover new flaw in WinRAR
- The flaw allowed threat actors to bypass Mark of the Web and deploy malware to Windows devices without warning
- WinRAR released a new version to fix the bug, so update now
Experts have uncovered a flaw in WinRAR which could allow threat actors to bypass the Mark of the Web (MotW) and deploy malware on people's computers.
The vulnerability was discovered by Japanese researcher Shimamine Taihei from Mitsui Bussan Secure Directions. It is now tracked as CVE-2025-31334 and was given a severity score of 6.8/10 (medium).
MotW is a security mechanism that displays a warning when an executable file is downloaded from the internet. It is built into Windows and serves as an additional layer of security, warning people that files downloaded from the internet might be dangerous - however, there is a way to work around the warning when a file is shared in an archived format.
Symlink
"If symlink pointing at an executable was started from WinRAR shell, the executable Mark of the Web data was ignored," WinRAR said, explaining the vulnerability.
A symlink (short for symbolic link) is a shortcut or alias to a file or folder. Instead of copying a file, a symlink just points to it. Therefore, a hacker could create a symlink pointing to an executable with MotW, and if a victim runs it, the MotW wouldn't show.
The vulnerability was found in all older versions of WinRAR, and it was addressed in version 7.11, which is now available for download.
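A defensive audit for the condition described above, as an added example that is not part of the original article: it reports whether the installed WinRAR is at least version 7.11 and lists file symlinks whose targets carry a Mark of the Web. The function names, the install path and the Downloads folder are assumptions; the only Windows detail relied on beyond the article is that MotW is stored in the NTFS "Zone.Identifier" alternate data stream.

```powershell
# Added example (not from the article). Names and paths below are assumptions.
$FixedVersion = [version]'7.11'                        # first fixed release per the article
$WinRarExe    = 'C:\Program Files\WinRAR\WinRAR.exe'   # assumed default install path

function Get-MotwZoneId {
    param([Parameter(Mandatory)][string]$Path)
    # MotW lives in the NTFS alternate data stream "Zone.Identifier".
    $lines = Get-Content -LiteralPath $Path -Stream 'Zone.Identifier' -ErrorAction SilentlyContinue
    foreach ($line in $lines) {
        if ($line -match '^\s*ZoneId\s*=\s*(\d+)') { return [int]$Matches[1] }
    }
    return $null                                       # no mark present
}

function Find-SymlinkToMarkedFile {
    param([Parameter(Mandatory)][string]$Root)
    Get-ChildItem -LiteralPath $Root -Recurse -Force -File -ErrorAction SilentlyContinue |
        Where-Object { $_.LinkType -eq 'SymbolicLink' } |
        ForEach-Object {
            $target = @($_.Target)[0]                  # string[] on 5.1, string on 7+
            if (-not $target) { return }
            if (-not [System.IO.Path]::IsPathRooted($target)) {
                $target = Join-Path $_.DirectoryName $target   # relative link target
            }
            if (-not (Test-Path -LiteralPath $target -PathType Leaf)) { return }
            $zone = Get-MotwZoneId -Path $target
            if ($null -ne $zone -and $zone -ge 3) {    # 3 = Internet, 4 = Restricted
                [pscustomobject]@{ Link = $_.FullName; Target = $target; ZoneId = $zone }
            }
        }
}

function Test-WinRarPatched {
    param([string]$Exe = $WinRarExe)
    if (-not (Test-Path -LiteralPath $Exe)) { return $null }   # not installed here
    # Assumes the executable's version resource reflects the release number.
    $vi = (Get-Item -LiteralPath $Exe).VersionInfo
    $installed = [version]::new($vi.ProductMajorPart, $vi.ProductMinorPart)
    return $installed -ge $FixedVersion
}

# Usage: audit a folder where archives get extracted (path is an example).
"WinRAR patched: $(Test-WinRarPatched)"
Find-SymlinkToMarkedFile -Root "$env:USERPROFILE\Downloads" | Format-Table -AutoSize
```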
Ever since Mark of the Web was introduced, cybercriminals have been looking for different ways to bypass it and deliver malware without warning.
In late January 2025, 7-Zip patched a major flaw that enabled just that. It is tracked as CVE-2025-0411 and was given a high severity score, 7/10.
Earlier still, in 2022, researchers found a password-protected .ZIP file with an .ISO file inside that was able to bypass MotW.
To mitigate the risk, users should always keep their archivers up to date,
and be vigilant when downloading files from the internet.
Via BleepingComputer
======================================================================
Link to news story:
https://www.techradar.com/pro/security/still-using-winrar-it-has-a-worrying-security-flaw-that-could-let-hackers-hijack-your-windows-device
--- Mystic BBS v1.12 A47 (Linux/64)
* Origin: tqwNet Technology News (1337:1/100)