WinRAR Resolves 19-Year Old Vulnerability

WinRAR Resolves 19-Year Old Vulnerability

Check Point Research has uncovered a vulnerability in file extraction software WinRAR that has left users at risk for the past 19 years. The security flaw allows attackers to extract files of malicious software to access users’ PC systems.

Hackers manipulated WinRAR into extracting a malicious program to a PC’s startup folder by renaming an ACE file with a RAR extension. The malicious program could then run automatically when a computer system rebooted.

After Check Point released the report, WinRAR patched the exploit by releasing a new version of the software that drops support for ACE archives. Industry experts believe over 500 millions users could be affected, making the risk of a global scale exploitation increasing likely.

We recommend deploying the latest critical patch released for WinRAR which resolves a vulnerability that impacts all versions of WinRAR over the past 19 years.

Recent Posts

Topics

Related Posts

In the News: Brute-force attacks surge worldwide, warns Cisco Talos

In the News: Brute-force attacks surge worldwide, warns Cisco Talos

April 17, 2024
In the News: Why 92% of Security Professionals Worry About Generative AI

In the News: Why 92% of Security Professionals Worry About Generative AI

April 16, 2024
April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 2024 Patch Tuesday: Microsoft releases 147 fixes this month including 3 Critical Threats.

April 9, 2024
In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

In the News: Let’s Celebrate World Backup Day 2024 – Hear From Industry Experts

March 29, 2024