WinRAR patches 19 year old security issue

Published by


Well, it took them a while, but it is finally patched. You might want to grab the latest build btw as a vulnerability allowed attackers to copy malware into any folder on the computer or network share unnoticed. By copying the file into the startup folder of Windows, the malware would execute every time Windows started.

WinRAR is a so-called file archiver utility and allows users to combine multiple files into one, and/or shrink the file size of files by compressing them. Due to a bug in the decompressing algorithm of the old, compressed file format .ACE, it was possible to install malware on the computer reports myce.

The security researchers who discovered the issue reported it to the developers of WinRAR, who immediately released a patch to fix the bug. The fix was rather simple, the developers removed support for the outdated .ACE format. WinRAR is very popular, worldwide the software is installed on more than 500 million computers. It’s unknown whether the vulnerability has been exploited in the wild. All WinRAR users are advised to update as soon as possible.

WinRAR patches 19 year old security issue

Share this content
Twitter Facebook Reddit WhatsApp Email Print