Friday, December 1, 2023

WinRAR – Urgent Alert Update Immediately!


HomeSoftwareWinRAR – Urgent Alert Update Immediately!

Related posts

Roundcube : Nation-State Actors Exploit 0-Day Vulnerability

IntroductionThe Roundcube Zero-Day ExploitationThe Attack Chain UnveiledWinter Vivern: A...

Windows 11 Enhanced with Server Message Block Client Encryption Integration and DNR!

Microsoft is fortifying Windows 11 by introducing support for...

Google Maps and Waze Disables Live Traffic in Israel, Gaza

Following the invasion by Russia, similar decisions were made...

Nvidia’s Arm-Based Processors: The Next Big Leap for PCs in 2025!

Nvidia is said to be in the early stages of developing Arm-based processors suitable for Windows PCs

How to Master NIC Teaming: 5 Essential Steps for Success.

Learn how to configure NIC teaming in Windows for high availability networking. Discover steps for setup and more.

Users of WinRAR, take note: there’s an urgent need to upgrade to the most recent version due to a significant security flaw that’s being actively exploited. Google’s Threat Analysis Group (TAG) has highlighted that several state-sponsored hacker groups have been taking advantage of this weakness since the beginning of 2023.

TAG commented on their blog, “Although a fix has been released, a considerable number of users remain at risk. We’ve noticed hackers, supported by various governments, leveraging this WinRAR flaw in their operations.”

Both WinRAR versions 6.24 and 6.23 contain patches for this issue. However, the software lacks an auto-update function, requiring users to download and implement the patch manually. Surprisingly, in 2023, this widely-used Windows software still lacks an auto-update capability.


The security flaw in question can let hackers run any code when a Windows user tries to open files, for instance, a PNG within a ZIP folder. TAG elaborated on this, stating, “The vulnerability stems from an inconsistency in WinRAR when it expands unnecessary temporary files from manipulated archives. This is aggravated by a peculiarity in Windows’ ShellExecute when it tries to access a file with a spaced-out extension.”

Since early 2023, attackers have been exploiting a vulnerability in WinRAR

Furthermore, from April 2023, this flaw has been utilized to compromise cryptocurrency trading accounts. TAG emphasized, “The extensive misuse of the WinRAR glitch shows that, even when patches exist, using known vulnerabilities remains highly potent. The frequent attacks on this particular bug stress the critical nature of timely software updates and the ongoing need to simplify the update process for users.”

This is not the inaugural discovery of a major WinRAR flaw. Back in 2019, Check Point Research unveiled a code execution bug, lingering for 19 years, which could permit hackers to seize complete control of a user’s PC.

To safeguard your system, download the newest WinRAR update here. Alternatively, Windows 11 users can rely on the in-built support for RAR 7-zip files provided in the most recent OS update.

I'am IT Professional & Owner of I have been working in IT industry for more than 15 years. Apart from work, I love to read books and share knowledge.

Latest posts


Please enter your comment!
Please enter your name here