19-year-old WinRAR Bug Is Being Exploited to Install Malware

A code-execution vulnerability that was discovered in WinRAR not long ago has started being heavily exploited by hackers. These attacks are apparently able to install malware on people’s computers quite easily, as most of the antiviruses are unfortunately unable to detect it. WinRAR is one of the most popular file-compression programs for Windows, numbering 500 million users across the globe.

WinRAR has a serious security bug

This critical security bug has been disclosed in February this year by Check Point Research. The bug basically allows attackers to install lasting malicious applications whenever someone opens a compressed ZIP file using WinRAR. The problem is quite serious, as this applies to any version of the program that was released in the last 19 years.

This week we’ve also seen a report from a researcher at McAfee showing that the security company managed to identify more than 100 unique exploits only in the first week since the bug was uncovered. Until now, it seems that most of the targets were located in the United States.

McAfee Research Architect Craig Schmugar mentioned in a recent post that when the contents of an archive are extracted using a vulnerable version of the program, “a malicious payload is created in the Startup folder behind the scenes.” As you can probably suspect, users in this situation do not receive any alerts. Then, the next time their computer restarts, the malware has the chance to run.

Users of WinRAR are advised to be extremely careful

Since this is an ongoing issue and it is pretty serious, people are advised to be extra cautious of their online activities. They should also make sure that the are using the version 5.70 of WinRAR, as any other version is definitely vulnerable to these recent attacks. However, it is recommended to avoid using the program until the problem has been fixed.

Be the first to comment

Leave a Reply

Your email address will not be published.