Critical WinRAR Vulnerability CVE-2025-31334: Update to Version 7.11 to Avoid Malware Risk

A critical vulnerability, identified as CVE-2025-31334, has been discovered in WinRAR versions prior to 7.11. This flaw allows attackers to bypass the 'Mark of the Web' (MotW) security warnings in Windows, potentially leading to the execution of arbitrary code and malware installation without user consent. The vulnerability involves the exploitation of symbolic links within specially crafted RAR archives. When a user opens a malicious archive containing a symlink to an executable file, the executable can run without the standard Windows security prompt. To mitigate this risk, users are strongly advised to update to WinRAR version 7.11 immediately. This update addresses the vulnerability and restores the intended security measures. The flaw is considered to be of medium severity, primarily because attackers would need to have high privileges to exploit it, and this might prove to be a considerable obstacle. Nevertheless, WinRAR users should make the effort to update to the fixed version 7.11 as, unfortunately, the utility does not have auto-update functionality. It is also recommended to exercise caution when opening RAR archives from untrusted sources.