Security News > 2025 > April > WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334)
2025-04-07 11:28
WinRAR users, upgrade your software as soon as possible: a vulnerability (CVE-2025-31334) that could allow attackers to bypass Windows’ Mark of the Web (MotW) security warning and execute arbitrary code on your machine has been fixed in version 7.11. About CVE-2025-31334 WinRAR is an extremely popular file archiver utility for Windows. It can create and view archives in RAR or ZIP file formats, as well as “unpack” archive file in other formats (ISO, JAR, TAR, … More → The post WinRAR MotW bypass flaw fixed, update ASAP (CVE-2025-31334) appeared first on Help Net Security.
News URL
https://www.helpnetsecurity.com/2025/04/07/winrar-motw-bypass-flaw-fixed-update-asap-cve-2025-31334/
Related news
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
- Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-04-03 | CVE-2025-31334 | Issue that bypasses the "Mark of the Web" security warning function for files when opening a symbolic link that points to an executable file exists in WinRAR versions prior to 7.11. | 0.0 |