Tag: WinRAR

The Long Tail of CVE-2025-8088: How One WinRAR Flaw Outlived Its Patch

Posted on by Martin Brinkmann

It has been over six months since Rarlab released a fix for the critical WinRAR vulnerability known as CVE-2025-8088, but attacks continue to target it as if the patch was released just days ago.

Despite a patch being available since August 2025, Google Threat Intelligence reports that state-sponsored actors and financially motivated hackers are still finding immense success targeting users who have neglected to hit the update button.

This “long tail” of exploitation serves as a stark reminder that a vulnerability doesn’t disappear just because a solution exists.

Key Information:

DetailUpdated Information
Vulnerability IDCVE-2025-8088
Patch StatusAvailable for 6+ months
Primary ThreatState-sponsored and financially motivated actors
Action RequiredEnsure WinRAR is updated to the latest version

When Rarlab released WinRar 7.13 to patch the security vulnerability back in July 2025, barely anyone thought that this security issue would remain a problem six months later.

A report by Google security researchers suggests that the issue is still exploited actively. It appears that a percentage of WinRar users have not patched the archiving software yet.

Google found out that attacks originate from several countries, including Russia and China. To exploit the issue, attackers need to create a specially prepared RAR archive. When a victim unpacks the archive, malicious files are moved to the autostart of the system for execution.

Google writes:

CVE-2025-8088 is a high-severity path traversal vulnerability in WinRAR that attackers exploit by leveraging Alternate Data Streams (ADS). Adversaries can craft malicious RAR archives which, when opened by a vulnerable version of WinRAR, can write files to arbitrary locations on the system.

The issue affects WinRar and also related apps and files, including unrar.dll. However, the issue affects RAR on Windows only. Other operating systems with RAR apps, including Linux and Android, are not affected by the issue.

How to protect your systems

It is necessary to update WinRar or any of the other Rar tools affected by the issue, to the latest version. Windows users need to install WinRar 7.13 to protect their devices. Downloads are provided on the official Rarlab website.

Just download the latest release and run the installer to update the application. Installation of WinRar 7.20 Beta will also resolve the issue, but since it is a beta release, it is not recommended to run it on most PCs.

WinRAR 7.0 Final released: drops RAR 4 archive creation

Posted on by Martin Brinkmann

The final version of the archiving software WinRAR 7.0 is now available. The developer released four beta versions prior to the release.

WinRAR 7.0 is a major new release that introduces new functionality and changes. One of the main changes improves the use of dictionary sizes.

Support for creating RAR 4.x archives is no longer available. This does not affect the extraction of these formats, as this continues to be supported.

You can download the new version of WinRAR from the developer website. Note that many localized versions are not updated yet to version 7.0.

Follow this link to find out why you should use third-party archive software and not the Windows built-in archive extraction options.

WinRAR 7.0

WinRAR 7.0

The official changelog lists all improvements and changes in the new release. The main new feature improves the handling of compression dictionaries. These dictionaries may improve the compression ratio of archives.

Compression dictionary sizes larger than 1 gigabyte may now be set in the application up to a total of 64 gigabytes. The maximum size depends on the available memory of the computer WinRAR runs on.

Note: WinRAR 7.0 archives created with dictionaries larger than 4 gigabytes can only be extracted using the new version of the archiving software. It also needs to be the 64-bit version of WinRAR in this case.

The maximum dictionary size to extract is set to 4 gigabytes by default. The application shows a prompt to the user if an archive exceeds the size. It is then possible to continue with the extraction or cancel it.

This is done to prevent “unexpected excessive memory allocation” according to the changelog.

WinRAR users who want to make use of new custom dictionary sizes may create presets in the options. Here is how this is done:

  1. Open the Settings and switch to the Compression tab.
  2. Click on “Define dictionary sizes”.
  3. Check or uncheck the available sizes.

The selected sizes are shown in the archive name and parameters dialog then for quick selections.

Other changes

Exhaustive Search

The new WinRAR releases includes two new search options. Alternate search algorithm can be enabled when creating archives. The feature may improve the compression ratio and “sometimes” speed for “redundant data”. Downside is that it does increase memory usage and may reduce the compression speed for some types of data. The algorithm is required for dictionaries larger than 4 gigabytes.

There is also a new Exhaustive search option. This option is “much slower” according to the changelog. It is turned off by default and may improve the compression ratio further at the expense of a “much lower compression speed”.

WinRAR 7.0 comes with additional improvements. The new version supports a maximum path length of 65535 characters now. Previous versions have a path limit of 2047 characters.

There is also a new propagate mark of the web option in Settings > Security. Propagating may be prevented or enabled for certain file types only. It is interesting to note that this option is only available in the graphical user interface version. The command line version of WinRAR never propagates mark of the web.

In case you are wondering, mark of the web may prevent the opening of certain files on the system by default.

Here is a quick list of other changes:

  • New option to show an Attributes column. Enable it under Settings > File List > Columns.
  • The benchmark command supports specifying the number of threads now.
  • New option “remove redundant folders from extraction path” under Settings > Paths. This may remove folders, e.g., a pictures folder when the extraction path is a Pictures folder already.
  • New Word Wrap option for comments.
  • Dictionary size now also available for .bz2, .lz, .tar.bz2, .tar.gz, .tar.lz, .tar.zst archives.
  • Search results support keyboard shortcuts such as Ctrl-A to select all files.

Closing Words

WinRAR 7.0 improves the popular archive software further. Power users benefit from new dictionary sizes, which may improve the compression ratio of archives.

Now You: do you use WinRAR or another archive software?