قالب وردپرس درنا توس
Home / Tips and Tricks / Update WinRAR now to protect your computer from attacks

Update WinRAR now to protect your computer from attacks



  WinRAR installer logo on a Windows 10 desktop

Do you have WinRAR installed on your Windows computer? Then you're probably attacked. RARLab patched a dangerous security bug at the end of February 2019, but WinRAR does not automatically update itself. Most WinRAR installations are still vulnerable.

What is the father?

WinRAR contains an error that would allow a .RAR file you download to automatically extract an .exe file to your Startup folder. The .exe file will start automatically the next time you log on to the computer and it can infect your computer with malware.

Specifically, this error is a result of WinRAR's ACE file support. An attacker simply needs to create a specially crafted ACE archive and provide it with the .RAR file extension. When you extract the file with a vulnerable version of WinRAR, it can automatically place malicious code into your Startup folder without additional user actions.

This serious error was found by researchers at Check Point Software Technologies. WinRAR contained an old DLL from 2006 to allow support for ACE archives, and that file has now been removed from the latest versions of WinRAR, which no longer supports ACE archives. Don't worry ̵

1; ACE archives are very rare.

However, if you have not heard of this "traverse traverse" error, you may be in danger. WinRAR does not automatically update itself. We are also extremely disappointed that WinRAR's website does not mark information about this security error and instead bury it in WinRAR's edition.

WinRAR reportedly has 500 million users worldwide and we are confident that most of these users have not yet heard of this bug and updated WinRAR.

While an update was released in February, history still retrieves steam. Security researchers at McAfee had identified more than 100 unique online benefits in mid-March, with most users attacking in the United States. For example, a uploaded copy of Ariana Grand's album "Thank You, Next" with the file name "Ariana_Grande-thank_u, _next (2019) _ [320] .rar" available online is used to install malware through vulnerable versions of WinRAR. 19659005]

To check if you have WinRAR installed

If you are not sure if you have WinRAR installed, just perform a search in your Start menu for "WinRAR." If you see a WinRAR shortcut, it is installed.

 WinRAR shortcut in Windows 10's Start menu

Which WinRAR versions are vulnerable?

If you see WinRAR installed, check if you are running a vulnerable version. To do so, start WinRAR and click Help> About WinRAR.

 Find WinRAR version number in the Help menu

WinRAR versions 5.70 and later are safe. If you have an older version of WinRAR, it is vulnerable. This security error has existed in all versions of WinRAR released over the past 19 years.

If you have version 5.70 beta 1 installed, it is also safe, but we recommend installing the latest stable version.

 WinRAR version number in About the WinRAR window

How to protect your computer from malicious RAR files

If you want to continue using WinRAR, go to the RARLab site, download the latest version of WinRAR and install it on your computer

WinRAR does not automatically update itself, so the WinRAR software on your computer will remain vulnerable until you do so.

 WinRAR installation screen

You can also uninstall WinRAR from the control panel. We are not big fans of WinRAR, which is testware that either requires you to pay or add annoying nag screens.

 How to uninstall WinRAR

Instead, we recommend installing free and open source 7-Zip software — this is our favorite unarchiving software. 7-Zip can open RAR files and other archive formats like ZIP and 7z.

If you don't like the program's obsolete icons, you can get nicer icons for 7-Zip.

 7-Zip, a great free alternative to WinRAR

Whatever software you use, we recommend that you have a solid anti-virus software installed and enabled. The antivirus software can often find malware in this way and block it from being installed even if you use vulnerable software, even if the security software is not perfect and you cannot count on it to capture every piece of malware online. Therefore, it is important to have a versatile defense strategy.

RELATED: What is the best antivirus program for Windows 10? (F, b, e, v, n, t, s) {if (f.fbq) return; n = f.fbq = function () {n.callMethod? n.callMethod.apply (n, argument): n.queue.push (argument)}; if f._fbq = n; n.push = n; n.loaded = 0; n (f._fbq!) !. version = & # 39; 2.0 & # 39 ;; n.queue = []; t = b.createElement (e); t.async = 0; t.src = v; s = b.getElementsByTagName (e) [0]; s. parentNode.insertBefore (t, s)} (window, document, & # 39; script, & # 39; https: //connect.facebook.net/en_US/fbevents.js'); FBQ (& # 39; init & # 39 ;, & # 39; 335401813750447 & # 39;); FBQ (& # 39; track & # 39 ;, & # 39; page views & # 39;);
Source link