WinRAR 19-year-old security vulnerability that put millions at risk

Security researchers have discovered a bug in the WinRAR file compression application that allows hackers to execute code remotely. The flaw has existed in all versions of the software for the last 19 years.

According to a post by researchers at Check Point Software, the exploit is triggered simply by extracting an archive, and it puts over 500 million users at risk.

“We found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim’s computer,” said Nadav Grossman of Check Point Software.

“The exploit works by just extracting an archive and puts over 500 million users at risk. This vulnerability has existed for over 19 years(!) and forced WinRAR to completely drop support for the vulnerable format.”
