WinRAR bug put half a billion users at risk

Patrick Devaney


WinRAR is one of those programs that almost everybody has. Nobody can remember where the file compression program came from or how they got it, and a lot of people don’t even know what it does; it is just there on their PC and always has been. Unfortunately, there is bad news for all of us: security experts at Check Point have just found a bug that has been sitting in WinRAR for over 19 years.


This WinRAR bug has put half a billion users at risk

The researchers at Check Point have discovered something rather disturbing. Buried in one of WinRAR’s code libraries is a flaw that could allow hackers to execute malicious code whenever a “booby-trapped” file is opened with the program. What’s worse about this whole thing is that the code library in question, UNACEV2.dll, hasn’t been used since 2005.

According to Check Point, the bug meant they were able to insert a file into the Windows startup folder. This file would then start automatically when Windows was booted and wouldn’t need any sort of administrator privileges to do so. Theoretically, this file could be used to grant any third party full control over the victim’s computer.


The real shocker is just how many people could have been exposed to the vulnerability. Check Point puts the number at somewhere around 500 million. Yes, half a billion people could have had their computer taken over using this newly discovered WinRAR vulnerability. That means you’ve probably been at risk for the last twenty years.

If you think the fact that this bug is so old means you’re in no rush to deal with it, think again. The fact that the vulnerability is now public means there is much more of a chance that hackers will try to exploit it. This doesn’t mean that Check Point has acted irresponsibly by releasing the details. On the contrary, Check Point notified WinRAR about this vulnerability some time ago, and WinRAR has already taken action to fix it.


The WinRAR website says, “Nadav Grossman from Check Point Software Technologies informed us about a security vulnerability in UNACEV2.DLL library. Aforementioned vulnerability makes possible to create files in arbitrary folders inside or outside of destination folder when unpacking ACE archives.” WinRAR has since dropped the UNACEV2.dll code library and no longer supports the ACE archive format, which opened the door to nefarious action. Furthermore, WinRAR has released a patch for the problem, WinRAR version 5.70 beta 1, which you can download here.
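The flaw WinRAR describes, files created outside the destination folder during unpacking, is the class of bug an extractor avoids by resolving every entry name before writing anything. The sketch below is an added example, not code from WinRAR or Check Point; it generalizes from ACE to entry names from any archive format, and the function names, destination path and sample entry names are all constructed for illustration.

```python
import ntpath  # Windows path rules, importable on any OS

# Per-user Startup folder suffix; anything written here runs at next logon.
STARTUP_MARKER = "\\start menu\\programs\\startup\\"


def resolve_entry(dest, entry_name):
    """Return the normalised Windows path an archive entry would be written to."""
    # ntpath.join lets an absolute, drive-qualified or UNC name override dest,
    # which is exactly the behaviour an extractor has to refuse.
    joined = ntpath.join(dest, entry_name)
    return ntpath.normcase(ntpath.normpath(joined))


def classify_entry(dest, entry_name):
    """Classify an entry as 'ok', 'outside-destination' or 'startup-folder'."""
    # Trailing separator stops a sibling such as 'out-evil' matching 'out'.
    root = ntpath.normcase(ntpath.normpath(dest)).rstrip("\\") + "\\"
    target = resolve_entry(dest, entry_name)
    if target.startswith(root):
        return "ok"
    if STARTUP_MARKER in target:
        return "startup-folder"
    return "outside-destination"


def audit(dest, entry_names):
    """Return {entry_name: verdict} for every entry that must not be extracted."""
    verdicts = {name: classify_entry(dest, name) for name in entry_names}
    return {name: v for name, v in verdicts.items() if v != "ok"}


# Constructed sample input: a destination and entry names as an archive might list them.
DEST = r"C:\Users\alice\Downloads\out"
SAMPLE_ENTRIES = [
    "docs/readme.txt",
    r"sub\..\notes.txt",
    r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.exe",
    r"C:\Windows\Temp\a.dll",
    r"\\fileserver\share\a.txt",
    r"..\out-evil\a.txt",
]

if __name__ == "__main__":
    for name, verdict in audit(DEST, SAMPLE_ENTRIES).items():
        print(f"{verdict:20} {name}")
```

An extractor or mail-gateway scanner would refuse or quarantine any archive for which `audit` returns a non-empty result.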

We highly recommend that if you have WinRAR installed on your PC, you update it immediately. Stay safe, people.
