Follow

Update now! WinRAR files can be abused to run malware

Users should install the latest version (WinRAR 6.23 or later) at their earliest convenience.

The update release notification states that another vulnerability was fixed, described as:

“WinRAR could start a wrong file after a user double clicked an item in a specially crafted archive.”

win-rar.com/singlenewsview.htm

Windows 11 users are likely to hold of on installing the latest version, because Microsoft announced their latest operating system (OS) will natively support RAR and some other archive formats.

“We have added native support for additional archive formats, including tar, 7-zip, rar, gz and many others using the libarchive open-source project. You now can get improved performance of archive functionality during compression on Windows.”

So, until you have installed the new version, it is advisable to be careful when someone sends you an archived file. Opening the archive to scan the content is not a safe option right now.

Given the great many users of WinRAR the impact of these vulnerabilities could be substantial, knowing that similar flaws were abused by hackers in the past to install malware.

February 25, 2019

bleepingcomputer.com/news/secu

Sign in to participate in the conversation

CounterSocial is the first Social Network Platform to take a zero-tolerance stance to hostile nations, bot accounts and trolls who are weaponizing OUR social media platforms and freedoms to engage in influence operations against us. And we're here to counter it.