19 Year Old WinRAR Vulnerability Exploited Around the Globe

WinRAR, a popular file utility tool, has been found to have a 19 year-old vulnerability. Fortunately, WinRAR developers were able to remediate the problem shortly after the information went public. However, that’s not to say the issue has been entirely resolved.

In order to receive the patch, users must update the software program. If users do not do so, the known vulnerability will remain exposed. The issue is, now that hackers are aware of the security gap, they have begun exploiting it around the globe.

Cyber criminals are using phishing emails with the malicious file CMSTray.exe attached. This executable file is meant to exploit the vulnerability left open within any unpatched WinRAR software.

To prevent the malware from running, users should update WinRAR to the latest 5.70 Beta 1 Version. Then, users need to replace their existing security solution with one that deploys application whitelisting as its primary method of malware detection. Even if the software was left unpatched, (which we do NOT recommend), the malicious file sent by the hackers would not be able to install on any devices running a whitelisting agent, because CMSTray.exe is not a known, trusted file.

Stay protected!

The vulnerability being discussed is in no way related to PC Matic.  It is however, tied to WinRAR, which is a program that PC Matic will patch, as those security patches become available.  If you are uncertain if WinRAR has been patched, you may run a security scan through PC Matic, and follow all suggested enhancements.  Once this is complete, be sure to reboot the PC to finalize all changes. 

 5,804 total views,  1 views today

(Visited 1 times, 1 visits today)

3 thoughts on “19 Year Old WinRAR Vulnerability Exploited Around the Globe”

  1. This vulnerability was fixed in WinRAR v5.70 latest final release.
    Downloadable from https://www.win-rar.com/download.html

    If you don’t want to upgrade to the latest version, then by removing the UNACEV2.DLL file from your current WinRAR version you will be protected against this vulnerability.
    This file is found in the program folder of WinRAR v5.10 and higher, or in the formats subfolder of WinRAR in versions lower than 5.10.

    I trust that this cleans up the “19 Year Old WinRAR Vulnerability Exploit”

    Happy computing folks.

  2. Makes you wonder why they waited until now to say any thing nor fix it.

    This is a problem with all closed source software and operating systems.

    No one knows until it is too late.

    I would rather stick with linux. At least *someone* is watching….

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.