WinRAR flaw bypasses Windows Mark of the Web security alerts

3 days ago
April 5, 2025
1 reply
15 views

+54

Jasper_The_Rasper
Moderator
11569 replies

April 5, 2025 By Ionut Ilascu

WinRAR bug lets attackers bypass Windows MotW

A vulnerability in the WinRAR file archiver solution could be exploited to bypass the Mark of the Web (MotW) security warning and execute arbitrary code on a Windows machine.

The security issue is tracked as CVE-2025-31334 and affects all WinRAR versions except the most recent release, which is currently 7.11.

Mark of the Web is a security function in Windows in the form of a metadata value (an alternate data stream named ‘zone-identifier’) to tag as potentially unsafe files downloaded from the internet.

When opening an executable with the MotW tag, Windows warns the user that it was downloaded from the internet and could be harmful and offers the option to continue execution or terminate it.

>>Full Article<<

+63

TripleHelix
Moderator
9045 replies
3 days ago
April 5, 2025

I have 7.11 installed since March 24th!

Thanks,

Daniel - Microsoft MVP Consumer Security (2012-2016) Windows 10 Pro x64 for Workstations 22H2 on my Alienware 17R2 and Alienware 17R5 Laptops with Webroot SecureAnywhere Complete Beta Tester for PC & Android Moto G9 Plus OS 11. "Take Them to the Train Station" ¯\_(ツ)_/¯

Reply

Rich Text Editor, editor1

Reply

Related Topics

Actively exploited Windows Mark-of-the-Web zero-day received an unofficial patch

Alert CISA Adds Four Known Exploited Vulnerabilities to Catalog Release Date September 10, 2024

Windows Mark of the Web Zero-Days Remain Patchless, Under Exploit

7-Zip MotW bypass exploited in zero-day attacks against Ukraine

Windows Smart App Control, SmartScreen bypass exploited since 2018

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded