Google says this “TAG observed that government-sponsored organizations in various countries were using the WinRAR vulnerability in their operations”but at the same time, the researchers did not specify which countries were involved. As we know, large hacking teams are working for Russia, China, Iran and North Korea. But of course, there are also those in the USA and European countries.

What is known

The developers have already released a patch, but many users using older versions of the archiving program are still vulnerable. WinRAR versions 6.24 and 6.23 close this vulnerability, but The app does not update automatically so you need to download and install the patch manually.

The vulnerability allows attackers to: Execute arbitrary code when a Windows user opens something like a PNG file in a ZIP archive. TAG describes the vulnerability as follows: “A logical vulnerability in WinRAR that, combined with a feature of the Windows ShellExecute application, leads to a third-party temporary file extension when processing fabricated archives when trying to open a file with an extension containing spaces.”.

This isn’t the first time a major security vulnerability has been discovered in WinRAR. In 2019, Check Point Research, a cybersecurity company, discovered a 19-year-old code execution vulnerability that could give attackers complete control over the victim’s computer.

You can download the latest WinRAR update from the official website.