Users should update to the latest version of WinRAR immediately to avoid potential risks.
Security experts have just discovered and patched a serious security vulnerability in the WinRAR file compression and decompression software. Therefore, users should update to the latest version immediately to avoid becoming a target of hackers.
WinRAR - one of the most familiar file compression and decompression tools for Windows users has just released an important update to patch a serious zero-day vulnerability. This security vulnerability can be exploited by hackers to install malware on computers running old versions of WinRAR, directly threatening users' data and privacy.
According to an announcement from RARLAB - the developer of WinRAR, the version 7.13 update fixes a "traversal vulnerability" that allows attackers to insert fake paths into specially crafted compressed files.
When a user opens or decompresses this file, WinRAR and its Windows or Unix versions of RAR, UnRAR, and UnRAR Portable may accidentally use a fake path, resulting in downloading and decompressing malware instead of the legitimate data file.
More dangerously, this type of attack does not require users to perform many complicated operations, just decompressing a seemingly safe file can be enough to compromise the system. Therefore, RARLAB recommends that all users immediately upgrade to WinRAR 7.13 to eliminate the risk.
Many users do not pay attention to updating WinRAR
Although WinRAR is one of the most popular file compression and decompression tools on the Internet, the reality is that many people install it and forget to update it. The reason is not difficult to understand because WinRAR is a paid software, users can try it for free for 30 days but the features are not blocked when it expires.
After this point, the application only displays a license purchase prompt every time it starts up, and since it can be turned off easily, most users continue to use it indefinitely.
Photo: Internet
Additionally, WinRAR is not a software that users open every day, so many people don't even remember the last time they ran the application. This leads to security updates often being missed.
While there are currently no known cases of exploiting the newly patched zero-day vulnerability, precedent shows that previous WinRAR vulnerabilities have been thoroughly exploited by cybercriminals.
Therefore, proactively updating to the latest version as soon as a patch is available is extremely important, helping users close the "door" that bad guys can take advantage of in the future./.
