The researchers from Check Point Software discovered that WinRAR, one of the most popular file compression applications on Microsoft Windows, contains a cybersecurity flaw. Its users are best advised to update to the latest version as soon as possible.
All of the versions released in the last 19 years contain the bug. Since WinRAR has well over 500 million users worldwide, it’s safe to assume that a large portion of them are affected, which translates to numbers that are quite substantial in size.
In technical terms, the problem lies in UNACEV2.DLL, a library that’s included with each distribution of WinRAR. The library is required to unpack files in ACE format. If one were to unpack a malicious ACE file, the vulnerability present in it could be used to plant malicious files on the victim’s computer.
If such a malicious file gets executed on a machine that’s not updated to the latest version of the application, the malware will spread to the system’s startup folder, effectively taking control over the entire operating system right after the next reboot.
Managers of large corporations should be wary of this and avoid opening any ACE files they receive through email or otherwise, at least until updating to the latest version of the software. This should be brought to the staff members’ attention as well.
Since this kind of app is often installed on home and corporate systems, they make an ideal attack surface to target, as indicated by the popularity of buying file compression vulnerability information on the dark web exploit platforms.