If you’re someone who uses WinRAR to handle archive files such as ZIP and RAR, you should update WinRAR as soon as you can. This comes after a major security vulnerability was found in the popular trialware file archiver.
According to a post on Google’s blog by their Threat Analysis Group (TAG), they have seen a number of hacking groups exploiting a vulnerability in WinRAR (CVE-2023-38831). They claim that these hacking groups have been exploiting the vulnerability since early 2023, when the bug wasn’t even known to others yet. TAG also added that while WinRAR patched the issue in August this year, many users remain vulnerable because the fix requires you to manually update your copy of WinRAR. As such, if you have WinRAR on your computer, you should update it to the latest version as soon as possible.
Essentially, the bug CVE-2023-38831 affected all versions of WinRAR prior to v6.23. It allowed hackers to execute arbitrary code on a victim’s computer when the victim tried to view a normal file inside a ZIP archive. The issue occurs when the ZIP archive contains both a normal file, such as a JPG file, and a folder with the same name as that file, holding other content such as executable, potentially malicious code. Attempting to open the normal file would then cause WinRAR to also process the folder that shares its name.
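For defenders who want to triage archives before they reach users, the check below flags any ZIP in which a file entry and a folder share the same name, the layout described above. It is an added example, not code from Google TAG or WinRAR; the function names, the Windows-style name normalisation and the sample archive (built in memory with inert text) are assumptions made for illustration.

```python
import io
import zipfile


def _norm(component: str) -> str:
    # Assumption: compare names the way Windows does (case-insensitive,
    # trailing spaces and dots ignored) so near-identical names still match.
    return component.rstrip(" .").casefold()


def find_name_collisions(zip_bytes: bytes) -> list[str]:
    """Return file entries whose full path is also used as a folder."""
    files = {}       # normalised path -> original file entry name
    folders = set()  # normalised paths that appear as a directory
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            raw = info.filename.replace("\\", "/")
            norm = [_norm(p) for p in raw.split("/") if p]
            if not norm:
                continue
            # Every proper prefix of an entry path is implicitly a folder.
            for i in range(1, len(norm)):
                folders.add("/".join(norm[:i]))
            if info.is_dir():
                folders.add("/".join(norm))
            else:
                files["/".join(norm)] = info.filename
    return sorted(name for key, name in files.items() if key in folders)


def build_sample(collide: bool) -> bytes:
    """Constructed sample archive; every entry holds inert text only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "hello")
        zf.writestr("photo.jpg", "not a real image")
        if collide:
            zf.writestr("photo.jpg/notes.txt", "inert placeholder")
    return buf.getvalue()


if __name__ == "__main__":
    for label, data in (("clean", build_sample(False)),
                        ("colliding", build_sample(True))):
        hits = find_name_collisions(data)
        print(f"{label}: {'SUSPICIOUS ' + repr(hits) if hits else 'ok'}")
```

A hit means the archive should be quarantined for inspection rather than opened; it does not replace updating WinRAR.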
The bug has already been exploited in the wild, with Google’s TAG claiming that hacking groups linked to Russia and China have used the WinRAR vulnerability against others. TAG also urges users and organisations to keep their software up to date and to install security updates whenever they become available. The latest version of WinRAR is v6.24, in which the bug has already been patched.
“The widespread exploitation of the WinRAR bug highlights that exploits for known vulnerabilities can be highly effective, despite a patch being available.
These recent campaigns exploiting the WinRAR bug underscore the importance of patching and that there is still work to be done to make it easy for users to keep their software secure and up-to-date,” – Kate Morgan, Google Threat Analysis Group
Of course, if you’re using one of the over 400 million devices with Windows 11 onboard, you won’t even need WinRAR anymore. Microsoft’s latest major update for the operating system brought along not just their AI-powered Windows Copilot assistant, but also finally native support for major archive formats like RAR and 7-zip. This means that, if you’re on the latest version of Windows 11, you can finally uninstall WinRAR or indeed any other third party archival tool you might have installed on your computer.