If You’re Still Using WinRAR, Be Sure to Get the Latest Update


Of all the applications on your PC, the one you used to unzip files in college might seem like a pretty innocuous little program. After all this time, you may have even forgotten that you still had it installed on your machine.

Thanks to its lightweight design and never-ending free trial period, WinRAR was one of the most popular desktop applications of the early 2000’s.

Although its utility has been somewhat diminished by more modern file-sharing options, it’s still a common feature of many home computers. Chances are, you’ve used it at least a few times over the years.

Recently, however, a team of security experts from Check Point Research published a report detailing a security exploit in WinRAR that went undetected for 19 years. The team discovered the vulnerability while using an automated software testing tool called WinAFL to perform fuzz testing in Windows environments.

During these tests, the researchers found that hackers could use WinRAR to extract a malicious ACE program to a PC’s startup folder by simply disguising the ACE file as a RAR archive. Although this exploit went unnoticed for nearly two decades, the researchers estimate it could have put the personal data of 500 million users at risk.

The good news is, WinRAR was quick to patch the exploit after receiving the report from Check Point. As it turns out, WinRAR had been using a third-party tool to unzip ACE files that had not been updated in 14 years.

If WinRAR is still tucked away in the applications folder of your PC, now’s the time to update. While you’re at it, you might consider uninstalling some of the more outdated applications on your PC as well. Clearing out these old applications will not only free up valuable hard drive space on your machine, but also mitigate your exposure to potential security threats.

Written by Beta Breakers

Beta BreakersWith Experience in Quality Assurance & Testing Desktop Software, Mobile Apps, Websites & Web Applications for Nearly 30 Years, Beta Breakers has become the Premier Software Quality Assurance Labs and Application-Testing Provider - Learn More Here

Receive the latest blog posts from Beta Breakers directly in your inbox

* indicates required

Intuit Mailchimp

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.