A serious security vulnerability in the iconic file archiving tool WinRAR could allow attackers to run arbitrary code on affected systems.
The vulnerability (CVE-2025-6218) was discovered by a researcher working with Trend Micro’s Zero Day Initiative and allows files to be placed in unintended directories, such as the Windows Startup folder.
RARLAB has released WinRAR version 7.12 to address the critical security flaw in the way WinRAR handles file paths within archives.
Windows users are urged to update WinRAR to version 7.12 promptly to mitigate the risk of exploitation and improve file safety.
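For teams that script their own extraction or triage archives before opening them, the kind of path check involved looks like the following. It is an added example, not WinRAR or RARLAB code, and it does not reproduce the specifics of CVE-2025-6218; the destination directory, entry names and function names are constructed for illustration. It flags archive entry names that would resolve outside the chosen extraction directory under Windows path rules, and calls out any that land in a Startup folder.

```python
import ntpath  # Windows path semantics, usable on any OS

# Per-user and all-users Startup folders both end with this path segment.
STARTUP_MARKER = "\\start menu\\programs\\startup\\"

def classify_entry(dest_dir, entry_name):
    """Return 'ok', 'absolute', 'escapes' or 'startup' for one entry name."""
    # Conservative assumption: treat '/' as '\' and ignore spaces that pad
    # a path component, so '.. ' is handled like '..'.
    parts = [p.strip(" ") for p in entry_name.replace("/", "\\").split("\\")]
    name = "\\".join(parts)

    # Drive-qualified, rooted and UNC names ignore the destination entirely.
    drive, rest = ntpath.splitdrive(name)
    if drive or rest.startswith("\\"):
        return "absolute"

    root = ntpath.normpath(dest_dir)
    target = ntpath.normpath(ntpath.join(root, name))  # collapses '..'

    verdict = "ok"
    # Compare whole path components, not string prefixes, so that
    # '...\out2' is not mistaken for a child of '...\out'.
    common = ntpath.commonpath([root, target])
    if ntpath.normcase(common) != ntpath.normcase(root):
        verdict = "escapes"
    if STARTUP_MARKER in ntpath.normcase(target) + "\\":
        verdict = "startup"
    return verdict

def audit_entries(dest_dir, entry_names):
    """Map every entry that is not 'ok' to the reason it was flagged."""
    verdicts = {n: classify_entry(dest_dir, n) for n in entry_names}
    return {n: v for n, v in verdicts.items() if v != "ok"}

# Constructed sample data, not taken from any real archive.
DEST = "C:\\Users\\alice\\Downloads\\out"
SAMPLE = [
    "docs/readme.txt",
    "docs\\..\\notes.txt",
    "..\\out2\\a.txt",
    ".. \\.. \\tmp\\x.txt",
    "C:\\Windows\\x.dll",
    "..\\..\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu"
    "\\Programs\\Startup\\run.lnk",
]

if __name__ == "__main__":
    for name, reason in audit_entries(DEST, SAMPLE).items():
        print(f"{reason:9} {name}")
```

A check like this supplements updating to WinRAR 7.12; it does not replace it.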