WinRAR has a bug: 500 million users at risk

CheckPoint researchers discovered a vulnerability in WinRAR that put the PCs of 500 million users at risk. Here's what to do to defend yourself

A bug present in WinRAR  has endangered the personal data of more than 500 million users. Researchers from Check Point, a company specialized in cybersecurity, discovered the flaw and immediately warned WinRAR developers. A patch to fix the problem has already been released. The bug made any PC vulnerable to any kind of cyber attack and gave hackers the ability to take control of the computer and the entire corporate network.

The vulnerability was present in WinRAR since the release of the first version and affected all versions developed in the last 19 years. The problem resided in the UNACEV2.DLL library used to decompress files in ACE format. By exploiting the vulnerability, hackers could hide viruses inside the ACE files that would infect the computer without the user being able to notice them. The library had no countermeasure against this type of attack and made the PC vulnerable. WinRAR has released a patch that disables the offending library.

What you risk using an old version of WinRAR

If you are still using an outdated version of WinRAR you are putting the security of your data and PC at risk. The vulnerability discovered by CheckPoint researchers allows hackers to take control of your PC and corporate network. WinRAR developers have released a new version (WinRAR 5.70 Beta 1) that solves the issue by disabling the use of the UNACEV2.DLL library. The only drawback is the end of support for ACE formats that can no longer be decompressed using WinRAR.

To update WinRAR just go to the program's website and download the latest version of the software.