Here's Yet Another Serious Reason to Stop Using WinRAR
1 min read
Summary
A new security vulnerability, designated CVE-2024-31334, has been discovered in WinRAR, which could allow a hacker to take control of a user’s system.
The vulnerability is centred around the Mark of the Web (MotW), a security protocol in Windows that uses file metadata to indicate files that could potentially be harmful and are often downloaded from the internet.
WinRAR versions 7.11 and newer have included a fix for this issue, but the archiver’s developers have yet to determine exactly what the flaw is.
To take advantage of the flaw, a hacker would need to create a malicious symbolic link, which could result in malicious code being run on the target’s PC; to do so would require administrator permissions.
This is not the first security flaw discovered in WinRAR, with other vulnerabilities having been found and patched in recent years.
With WinRAR costing $29 for a license and Windows supporting numerous archive formats natively, many users are opting for other archivers to handle their file compression needs.
