File compression has been an indispensable tool for computer users ever since it was first developed in the late 1980’s. Back then space on relatively small hard drives was at a premium, and compacting files that weren’t currently being used was a great way to free up a few valuable megabytes. These archived files also transferred faster over the slow, newborn internet.
Today there are many varieties of file compression: Zip, Gzip, RAR, 7z to name a few. WinRAR is a utility that allows you to compress/decompress most of the more common compressed file types, and many less-used types.
One of these lesser-used file types is called ACE. Recently a vulnerability has been found in WinRAR that can allow a malicious ACE archive to drop malware onto your system. This flaw has been present in WinRAR for 19 years but was just noticed earlier this year.
They have since patched their software with the release of version 5.70, but unfortunately WinRAR does not automatically check for updates. This means that there are millions of users out there with older versions of the software on their machine just waiting to be attacked.
Social engineering tactics have been used with these malicious archives, with adult photos or mp3s displayed inside them to entice the user to open the compressed file thereby infecting their system. Backdoors seem to be a common payload distributed by this process.
SUPERAntiSpyware can help protect you from many of the malware variants that have been distributed through this method. Along with keeping SUPERAntiSpyware’s definition database up-to-date, we recommend updating WinRAR to version 5.70 just to be safe.
That is not safe that WinRAR does not automatically check for updates, attacking is really a huge problem.
We agree that WinRAR’s lack of automatic updates can leave a system vulnerable, which is why we wrote the article encouraging people to manually update the software.