According to ChainCatcher and Jin10 reports, the Japanese security team CSIRT recently exposed a security vulnerability in WinRAR that can bypass Microsoft Windows' MarkoftheWeb (MoTW) security mechanism, potentially allowing users to unknowingly execute malicious programs from the internet, posing a serious security risk. The vulnerability is numbered CVE-2025-31334.
To proactively address the cybersecurity challenges posed by the WinRAR security vulnerability to critical infrastructure, the following technical measures are recommended: first, conduct a comprehensive investigation of computer network devices involving the vulnerability among WinRAR users and promptly install the latest version. Second, reset the WinRAR client configuration. Third, it is recommended that WinRAR users avoid connecting to untrusted networks when handling sensitive data.
