Skip to main content

WinRAR Releases Security Update

WinRAR has released a security update to address a path traversal vulnerability in their WinRAR file compression utility.

Threat ID:
CC-2945
Category:
Threat Severity:
Low
Threat Vector:
Published:
21 February 2019 12:00 AM
Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

WinRAR has released a security update to address a path traversal vulnerability in their WinRAR file compression utility.

Threat details

A remote attacker could exploit this vulnerability using a maliciously crafted file to execute commands on an affected system.

Update  

A spam campaign has been discovered that is targeting this vulnerability via a malicious RAR archive attachment.

Remediation steps

Type Step

Users and administrators are encouraged to review the WinRAR releases page and apply the necessary updates

Last edited: 14 February 2020 2:50 pm