WinRAR Flaw Found Actively Being Exploited

A critical 19-year-old WinRAR vulnerability disclosed last week has now been spotted actively being exploited in a spam campaign spreading malware.

The security vulnerability found in the Popular Windows data compression tool allows attackers to extract malicious software to anywhere on your hard drive. It was discovered by researchers at Check Point Software Technologies and resides in the way an old third-party library, called UNACEV2.DLL, used by the software handled the extraction of files compressed in ACE data compression archive file format.

Just a couple of days after the blog post went public, a Proof-of-concept (PoC) exploit code for the newly discovered WinRAR vulnerability was published to Github.

To make things even worse, an email campaign that's distributing a malicious RAR archive file has been discovered. It exploits the latest WinRAR vulnerability to install malware on computers running the vulnerable version of the software.

Get A Report of All Vulnerable WinRAR Installations

If you currently have WinRAR deployed on your workstations, it's pretty critical that you update it at the earliest opportunity to ensure that you don't fall prey to this exploit.

Lansweeper can tell you in no time which devices have a vulnerable WinRAR version in place and need to be patched. Simply run our custom color-coded report and get cracking.

Patch Critical WinRAR Versions

The best way to protect yourself from these attacks is to update your software by installing the latest version of WinRAR as soon as possible and avoid opening files received from unknown sources.

Run our custom report to identify all outdated WinRAR installations and use our deployment package to patch all critical WinRAR versions .