WinRAR Vulnerability

File compression has been an indispensable tool for computer users ever since it was first developed in the late 1980’s. Back then space on relatively small hard drives was at a premium, and compacting files that weren’t currently being used was a great way to free up a few valuable megabytes. These archived files also transferred faster over the slow, newborn internet.

Today there are many varieties of file compression: Zip, Gzip, RAR, 7z to name a few. WinRAR is a utility that allows you to compress/decompress most of the more common compressed file types, and many less-used types.

One of these lesser-used file types is called ACE. Recently a vulnerability has been found in WinRAR that can allow a malicious ACE archive to drop malware onto your system. This flaw has been present in WinRAR for 19 years but was just noticed earlier this year.

They have since patched their software with the release of version5.70, but unfortunately WinRAR does not automatically check for updates. This means that there are millions of users out there with older versions of the software on their machine just waiting to be attacked.

Social engineering tactics have been used with these malicious archives, with adult photos or mp3s displayed inside them to entice the user to open the compressed file thereby infecting their system. Backdoors seem to be a common payload distributed by this process.

SUPERAntiSpyware can help protect you from many of the malware variants that have been distributed through this method. Along with keeping SUPERAntiSpyware’s definition database up-to-date, we recommend updating WinRAR to version5.70 just to be safe.