Experts have discovered a vulnerability in the WinRAR archiver that allows attackers to bypass the Mark of the Web (MotW), a Windows protection mechanism, and deploy malware on victims’ computers.

Image Source: Kevin Ku / unsplash.com

The vulnerability was discovered by Japanese researcher Shimamine Taihei from Mitsui Bussan Secure Directions — it was assigned the number CVE-2025-31334 and the threat level was 6.8 out of 10 — medium. MotW is a security tool that displays a warning when downloading an executable file from the Internet. The built-in Windows mechanism notifies users that files downloaded from the Internet may be dangerous, but there was a way to bypass this warning if the file was in an archive format.

«If a symbolic link pointing to an executable file was opened from the WinRAR shell, the Mark of the Web executable file data was ignored,” the archiver’s website explains. A symbolic link (or Symlink) is a shortcut or alias to a file or folder. A symbolic link is not a copy of a file, but only a pointer to it. A hacker could create a symbolic link pointing to an executable file with MotW, and when it was opened, the MotW warning was not displayed. The vulnerability was discovered in all older versions of WinRAR and was fixed in version 7.11, which is now available for download.

AddThis Website Tools
admin

Share
Published by
admin

Recent Posts

Intel will not begin mass production of chips for third-party clients until 2028, Morgan Stanley analysts predictIntel will not begin mass production of chips for third-party clients until 2028, Morgan Stanley analysts predict

Intel will not begin mass production of chips for third-party clients until 2028, Morgan Stanley analysts predict

The speeches of Intel's current management at the event for partners and investors, as Morgan…

56 minutes ago
Trump Tariffs Send Foxconn’s April Revenue Up 26%Trump Tariffs Send Foxconn’s April Revenue Up 26%

Trump Tariffs Send Foxconn’s April Revenue Up 26%

The largest contract manufacturer of Apple-branded electronic devices, Taiwan's Foxconn (Hon Hai Precision Industry), this…

56 minutes ago
McKinsey: Investments in AI Data Centers Will Exceed $5 Trillion by 2030McKinsey: Investments in AI Data Centers Will Exceed $5 Trillion by 2030

McKinsey: Investments in AI Data Centers Will Exceed $5 Trillion by 2030

Consulting company McKinsey has published a forecast for the development of data centers on a…

56 minutes ago
Intel will not begin mass production of chips for third-party clients until 2028, Morgan Stanley analysts predictIntel will not begin mass production of chips for third-party clients until 2028, Morgan Stanley analysts predict

Intel will not begin mass production of chips for third-party clients until 2028, Morgan Stanley analysts predict

The speeches of Intel's current management at the event for partners and investors, as Morgan…

1 hour ago
Trump Tariffs Send Foxconn’s April Revenue Up 26%Trump Tariffs Send Foxconn’s April Revenue Up 26%

Trump Tariffs Send Foxconn’s April Revenue Up 26%

The largest contract manufacturer of Apple-branded electronic devices, Taiwan's Foxconn (Hon Hai Precision Industry), this…

1 hour ago
McKinsey: Investments in AI Data Centers Will Exceed $5 Trillion by 2030McKinsey: Investments in AI Data Centers Will Exceed $5 Trillion by 2030

McKinsey: Investments in AI Data Centers Will Exceed $5 Trillion by 2030

Consulting company McKinsey has published a forecast for the development of data centers on a…

1 hour ago