Security advisories

WinRAR Code Execution Flaw

February 27, 2019 | 1 MIN READ

Speak With A Security Expert Now

TALK TO AN EXPERT

On February 20th, researchers at Check Point disclosed a code execution flaw in the popular archive utility WinRAR [1].

In a proof-of-concept exploit, researchers demonstrated that malicious files opened by the utility could be written to the startup folder in Windows then executed on next reboot. Available endpoint telemetry across eSentire customers indicates vulnerable versions of WinRAR are widely deployed. Customers are encouraged to update WinRAR clients or use an alternative archive utility.

What we’re doing about it

What you should do about it

Additional information

References:

[1] https://threatpost.com/winrar-flaw-500-million-users/142080/

[2] https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=111&cHash=7e2fd80e7b9daad5a224dc7cedbcefcb

View Most Recent Advisories