Skip to main content

WinRAR flaw


WinRAR Resolves 19-Year Old Vulnerability

By News, Patch Management

WinRAR Resolves 19-Year Old Vulnerability

A nasty code-execution bug in WinRAR threatened millions of users for decades.

Check Point Research has uncovered a vulnerability in file extraction software WinRAR that has left users at risk for the past 19 years. The security flaw allows attackers to extract files of malicious software to access users’ PC systems.

Hackers manipulated WinRAR into extracting a malicious program to a PC’s startup folder by renaming an ACE file with a RAR extension. The malicious program could then run automatically when a computer system rebooted.

After Check Point released the report, WinRAR patched the exploit by releasing a new version of the software that drops support for ACE archives. Industry experts believe over 500 millions users could be affected, making the risk of a global scale exploitation increasing likely.

We recommend deploying the latest critical patch released for WinRAR which resolves a vulnerability that impacts all versions of WinRAR over the past 19 years.

Start a Free Trial

Try Syxsense today and start patching your IT environment with a powerful and easy-to-use IT management toolset.
Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo