One incredibly popular Windows tools has recently been updated to address a zero-day exploit that could give bad actors a chance to install malware on devices running older versions of the app. The app in question is WinRAR, a file compression tool that has become a mainstay on Windows PCs thanks to its compression quality and usefulness.
According to a post shared by the WinRAR dev team, all WinRAR users are urged to update the app to version 7.13, which addresses a “traversal vulnerability” that could allow the app, as well as Windows and Unix versions of RAR, UnRAR, and portable UnRAR, to be tricked into using a path that was “defined in a specially crafted archive, instead of the user specified path.” Essentially, it could allow bad actors to trigger a path that causes your computer to download and unpack malware instead of the compressed file you’re trying to unpack.
You probably haven’t updated WinRAR in a while
Despite being one of the most popular compression tools on the internet, the chances that many of the users who downloaded it have actually taken the time to update WinRAR are rather slim. While WinRAR is technically a paid app, users are given a 30-day free trial that doesn’t actually lock them out once it ends. Instead, it triggers a pop-up encouraging you to buy the full product whenever you launch it. But, since you can close out that pop-up, most users continue to use it well beyond the trial’s end date.
Since most people aren’t busy unzipping files on a daily basis, it’s possible that you haven’t even opened WinRAR recently. That doesn’t mean you should wait to update the app as soon as possible. While there is no record of this zero-day exploit being used actively, bad actors could decide to try their luck with it in the future, as previous exploits have been heavily abused in the past. As such, it’s always best to update when these kinds of zero-day exploits are fixed in newer versions of an app.
