One of the most popular archivers WinRARIt is actively downloaded and used by tens of millions of users all over the world. However, like most programs with multiple users, WinRAR has become an object that has interested hackers trying to use the program to penetrate the victims' computers.
Experts of the analytical company Check PointResearch specializing in computer security, discovered a vulnerability in WinRAR. During the analysis, a part of the program code was detected, which has the ability to move the infected file from the ACE format archive directly to the Windows startup folder, bypassing the need to launch the application with elevated privileges. A vulnerability has been discovered in the UNACEV2.dll library, which has not been updated since 2005.
According to researchers, this deficiency couldover the years put at risk more than 500 million users. Check Point claims that WinRAR decided last month to stop supporting the format of the ACE archive, which opens the way for attackers. At the same time, the UNACEV2.dll file has been deleted from the software.
Thus, the problem for users of the WinRAR version: 5.70 beta 1 has already been fixed, we recommend updating the program by downloading it from the official site.