Various cyber criminal groups and individual hackers are still exploiting a recently patched critical code execution vulnerability in WinRAR, a popular Windows file compression application with 500 million users worldwide.
Why? Because the WinRAR software doesn’t have an auto-update feature, which, unfortunately, leaves millions of its users vulnerable to cyber attacks.
The critical vulnerability (CVE-2018-20250) that was patched late last month by the WinRAR team with the release of WinRAR version 5.70 beta 1 impacts all prior versions of WinRAR released over the past 19 years.
For those unaware, the vulnerability is “Absolute Path Traversal” bug that resides in the old third-party library UNACEV2.DLL of WinRAR and allows attackers to extract a compressed executable file from the ACE archive to one of the Windows Startup folders, where the malicious file would automatically run on the next reboot.