New version of WinRAR has been released, fixing a dangerous vulnerability

The developers of WinRAR have made available a new version of the archiver and recommend users to install it as soon as possible. Version 7.12 contains a fix for the dangerous CVE-2025-6218 vulnerability, which allows attackers to silently run malicious code on Windows PCs.

The vulnerability has a high CVSS score of 7.8 points) and is considered a major security threat. According to the developers, the issue affects all previous versions of the archiver. With the help of the software "bug", attackers could control the file paths during decompression to keep malware outside the Target folder. To successfully carry out an attack on the target PC, it is enough to start decompressing the infected archive.

WinRAR 7.12 is already available for free download on the official website of the program. Since the archiver does not support the automatic update function, it is necessary to manually download and install the latest version. Available for Unix, Android and According to company representatives, the source code of UnRAR does not pose a threat to user data.