The National Cyber Emergency Response Team (National CERT) has issued a critical advisory warning of a high-severity security flaw in the widely used file compression software WinRAR, urging immediate action across public and private sector systems in Pakistan.

The vulnerability, identified globally as CVE-2025-8088, affects the UnRAR.dll component of WinRAR and is present in Windows versions up to 7.12. Officials say the flaw allows attackers to exploit specially crafted archive files to run malicious code on a target system.

According to the advisory, the attack works when a user downloads and opens a compromised compressed file. Once executed, the vulnerability can allow remote code execution with the same permissions as the logged-in user, enabling attackers to gain control without needing administrative access.

Security experts warn that the flaw can be used to place malicious files in critical system locations, including startup folders, allowing malware to run automatically each time the system boots. This can lead to persistent system compromise and potential spread across networks.

In response, the Government of Sindh’s IT Department has circulated the advisory to all relevant departments, directing them to immediately update WinRAR to version 7.13 or later.

Organizations have also been instructed to review startup programs, scan all archive files with updated security tools, and ensure that software updates are only downloaded from official sources.

National CERT has urged all institutions to report any suspected compromise immediately through its official reporting channels and to take swift containment measures if unauthorized activity is detected.