Particle.news
Download on the App Store
4 ARTICLES
·
last wk.

WinRAR Issues 7.13 Patch After RomCom Exploits RAR Flaw and libarchive Vulnerability Upgraded to Critical

Installing WinRAR 7.13 stops active RomCom attacks in crafted RARs, addressing a separate integer-overflow vulnerability in libarchive that was upgraded to critical status.

Image
Image
Image

Overview

  • WinRAR released version 7.13 on August 11 to fix CVE-2025-8088, a path-traversal flaw that enables arbitrary code execution when unpacking manipulated RAR archives.
  • ESET researchers observed spearphishing campaigns from the Russia-linked RomCom group deploying malicious RAR attachments between July 18 and 21 to install backdoors in finance, defense, logistics and manufacturing firms.
  • All WinRAR releases up to 7.12 and related UnRAR components remain vulnerable, while Unix and Android builds are not affected by the path-traversal bug.
  • The libarchive library’s CVE-2025-5914 integer-overflow/double-free flaw in .rar parsing was initially rated low but was reclassified as critical (CVSS 9.8) by NIST on June 20.
  • Users should update WinRAR immediately and administrators must verify patched libarchive versions across Linux, Unix and any vendor or Windows builds embedding the library.