PSA: Update your WinRAR copy to fix an actively exploited security vulnerability

Google’s Threat Analysis Group (TAG) has uncovered a serious security vulnerability in a legendary piece of Windows software: WinRAR. According to TAG’s research, a government-backed threat actor has been actively exploiting the vulnerability (CVE-2023-38831) since the start of this year.

There is one more alarming detail: WinRAR doesn’t have an in-app update function, so installed copies stay vulnerable until their users update them manually. Malicious actors take advantage of this by placing decoy files such as PDFs and PNGs in archives they trick users into downloading. The result is code execution, which lets cyber criminals take control of a targeted system.

Under the circumstances, WinRAR users have three courses of action: overwrite their copy with one of the latest versions, 6.23 or 6.24; replace the popular Windows app completely by switching to 7-Zip or its modified version, NanaZip; or give up third-party apps altogether.

Windows 11 has updated built-in file-handling capabilities that cover archive types such as RAR, TAR and 7Z. But where moving to a replacement is not an option, patching WinRAR as soon as possible is the optimal solution.
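Because WinRAR will not update itself, it helps to check which machines still run a copy older than 6.23. The PowerShell script below is an added example, not part of the original article or of WinRAR; it assumes WinRAR registered itself under the standard Windows uninstall keys with a display name starting with "WinRAR", and the function names are hypothetical.

```powershell
# Added example: list WinRAR installs and flag any older than 6.23,
# the earlier of the two fixed versions named in the article.
$MinFixed = [version]::new(6, 23, 0)

# Standard Windows uninstall registry locations (64-bit, 32-bit, per-user).
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function ConvertTo-WinRarVersion {
    param([string]$Text)
    # Keep only the leading numeric part, so "6.22 beta 1" parses as 6.22.0.
    if ($Text -match '(\d+)\.(\d+)(?:\.(\d+))?') {
        $build = if ($Matches[3]) { [int]$Matches[3] } else { 0 }
        return [version]::new([int]$Matches[1], [int]$Matches[2], $build)
    }
    return $null
}

function Get-WinRarInstall {
    Get-ItemProperty -Path $UninstallRoots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'WinRAR*' } |
        ForEach-Object {
            $exe = $null
            if ($_.InstallLocation) { $exe = Join-Path $_.InstallLocation 'WinRAR.exe' }
            # Prefer the version stamped in the binary; fall back to the registry value.
            $raw = $_.DisplayVersion
            if ($exe -and (Test-Path -LiteralPath $exe)) {
                $fileVer = (Get-Item -LiteralPath $exe).VersionInfo.ProductVersion
                if ($fileVer) { $raw = $fileVer }
            }
            $ver = ConvertTo-WinRarVersion $raw
            [pscustomobject]@{
                Computer    = $env:COMPUTERNAME
                Path        = $exe
                Version     = $ver
                # An unreadable version is flagged too, so it gets a manual look.
                NeedsUpdate = ($null -eq $ver) -or ($ver -lt $MinFixed)
            }
        }
}

Get-WinRarInstall | Format-Table -AutoSize
```

Copies that were unpacked by hand and never registered with Windows will not appear in this output, so a file search for WinRAR.exe is still worthwhile on machines that return nothing.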

Robert Wilson author