WinRAR patched 19-year-old bug

WinRAR has patched a 19-year-old security vulnerability that allowed attackers to infect your computer with malware via specially crafted ACE archives. It was discovered by researchers at Check Point Software Technologies.

The vulnerability itself lies in unacev2.dll, a library used to parse ACE archives, a little-used compression format that dates back to the 1990s. In practice, the vulnerability would be targeted via WinRAR or other popular archive extraction tools that include and use this wonky .dll.

After the security researchers informed WinRAR of their findings, the team patched the vulnerability with version 5.70 beta 1 of the software. Rather than attempt to fix the issue, the team opted to drop support for ACE archives entirely.

WinRAR is a popular file-archiving utility for Windows, which can create and allow viewing of archives in Roshal Archive Compressed (RAR) or ZIP file formats, and unpack numerous archive file formats. If you are one of the millions still using WinRAR, this would be a good time to update the software.

Read more -here-

• Ireland fines TikTok 530 million euros for sending EU user data to China
• Xbox consoles, controllers, and games are getting more expensive
• Waymo partners with Toyota to bring robotaxis to everyone
• Meta launches standalone AI app rivaling OpenAI's ChatGPT
• US FCC to review spectrum sharing rules to boost space-based telecom
• Google is dropping support for its oldest Nest Learning Thermostats