PSA: it’s time to update WinRAR due to a big security vulnerability
by Tom Warren from The Verge - All Posts on (#6FNYZ)
Image: Rarlab If you use WinRAR, it's time to update to the latest version after a serious security vulnerability has been discovered that's already in use by attackers. Google's Threat Analysis Group (TAG) has found that multiple government-backed hacking groups have been exploiting the WinRAR vulnerability since early 2023.
A patch is now available, but many users still seem to be vulnerable," says TAG in a blog post detailing the WinRAR exploit. TAG has observed government-backed actors from a number of countries exploiting the WinRAR vulnerability as part of their operations."
WinRAR versions 6.24 and 6.23 both include a fix for the security hole, but the app doesn't update automatically, so you'll have to manually download and install the...