
Potentially malicious WinRAR vulnerability patched after almost 20 years

WinRAR is a powerful archival tool that has been available for the past 23 years, allowing users to unpack and create RAR, ZIP, and other archive files. But recently, security researchers at Check Point Software Technologies discovered a vulnerability that could allow malicious individuals to take advantage of machines running the software, implanting startup programs without any authorization from the user.

Users who ran WinRAR around the turn of the century most likely remember the software for its 40-day trial, which could easily be bypassed to allow continuous use after the initial trial period. WinRAR still exists today, which is why the company quickly patched its software after learning about the vulnerability, adding a long-overdue fix in version 5.7 beta 1.


The exact details of the dangerous vulnerability came down to a single DLL file, a type of file used by Windows to access libraries of digital information, that enabled exploiters to use an old component from the defunct ACE archive format. The ACE archive format was last updated in 2007, but WinRAR had decided to continue support for the format until now.

By merely renaming an ACE archive's file extension to RAR, an attacker can manipulate WinRAR into extracting a malicious program into the computer's startup folder. Using the exploit, the archive file would appear to decompress and extract itself as usual, while at the same time, in the background, inserting its contents into system folders. Rather than attempting to fix the particular issue, the team at WinRAR has dropped support for ACE archives.
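Because the trick relies on an ACE archive hiding behind a `.rar` name, a defender can sweep a download or mail-attachment folder for files whose content and extension disagree. The sketch below is an added example, not code from the article or from Check Point; it assumes the ACE signature `**ACE**` sits at byte offset 7 of the file, and all file names and sample bytes are constructed.

```python
import os
import tempfile

ACE_MAGIC = b"**ACE**"  # signature carried in the ACE main header
ACE_MAGIC_OFFSET = 7    # follows head_crc(2) + head_size(2) + head_type(1) + head_flags(2)
HEAD_LEN = ACE_MAGIC_OFFSET + len(ACE_MAGIC)


def is_ace(head: bytes) -> bool:
    """True if the leading bytes carry the ACE signature at its fixed offset."""
    return head[ACE_MAGIC_OFFSET:HEAD_LEN] == ACE_MAGIC


def find_disguised_ace(root: str) -> list:
    """Return paths under root whose content is ACE but whose extension is not .ace."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(HEAD_LEN)
            except OSError:
                continue  # unreadable file: skip rather than abort the sweep
            if is_ace(head) and not name.lower().endswith(".ace"):
                hits.append(path)
    return sorted(hits)


def demo() -> list:
    """Build constructed sample files in a temp dir and return the flagged names."""
    ace_bytes = b"\x00" * ACE_MAGIC_OFFSET + ACE_MAGIC + b"\x00" * 16  # constructed
    rar_bytes = b"Rar!\x1a\x07\x00" + b"\x00" * 16                     # constructed
    samples = {
        "invoice.rar": ace_bytes,  # ACE content behind a .rar name: flag
        "backup.ace": ace_bytes,   # honestly named ACE: not a mismatch
        "photos.rar": rar_bytes,   # genuine RAR signature: ignore
        "tiny.rar": b"Rar",        # shorter than the header: ignore
    }
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return [os.path.basename(p) for p in find_disguised_ace(root)]


if __name__ == "__main__":
    print(demo())
```

The check only inspects the fixed offset at the start of the file, so an ACE signature that appears elsewhere in a file is not detected by this sweep.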

Archiving files has come a long way since the world of ACE, and most users will find both the RAR and ZIP file formats to be much more effective than their older sibling. The software is still available on the web for anyone who may have older ACE files to extract or compress, but current Windows users using WinRAR will need to move forward in time if they wish to stay with their archive software of choice.

The ACE vulnerability existed for almost 20 years, with over 500 million WinRAR users, without being patched; it practically begs the question, if we all paid for the trial — would this have ever happened?


Michael Archambault
Former Digital Trends Contributor
Michael Archambault is a technology writer and digital marketer located in Long Island, New York. For the past decade…