We regret to inform you there's an RCE vuln in old version of WinRAR. Yes, the file decompression utility
2021-10-21 15:25

A remote code execution vulnerability existed in an old and free trial version of WinRAR, according to infosec firm Positive Technologies.

While a vuln in version 5.7 of WinRAR may not seem like an immediate threat given that version was first released two years ago and has been superseded since, simple shareware/free-to-use software has a habit of being used long after its due date.

Users should check their installed versions of WinRAR and update if it isn't v6.02 or later, though the practicality of the attack seems limited unless your device or network is first compromised by other means.

In his firm's blog post about the vuln, Positive Technologies' Igor Sak-Sakovskiy acknowledged that many people have old versions of WinRAR installed, writing: "We had installed and used the application for some period."

The RCE itself could be induced through a WinRAR dialogue box which happened to spawn an Internet Explorer instance.

Sniffing WinRAR traffic with Burp Suite allowed researchers to identify and then modify traffic being sent to and from the dialogue box.


News URL

https://go.theregister.com/feed/www.theregister.com/2021/10/21/winrar_rce_vuln_positive_technologies/