If you want to continue decompressing files without problems, update WinRAR.
If you have WinRAR, you should update it as soon as possible for your own safety. Google’s Threat Analysis Group (TAG) has discovered a crack through which hackers can sneak into your computer. This has been operational since early 2023, but has only recently been revealed. Some of the hacker groups responsible are backed by China and Russia.
How to download the latest version
As indicated in the mail published by TAG, The solution to plug the security gap lies in updating the program. “A patch is now available, but many users remain vulnerable,” it states. This is because WinRAR does not update automatically, so unless you do it manually, you will still have an unprotected version.
The versions immune to this problem, already solved in them, are WinRAR 6.24 and WinRAR 6.23. To update your program, go to the link located below this paragraph, which is the website of the studio responsible for the decompressor, RARLAB, and select one of these versions. Remember to choose the Spanish version (or the one in the language that is most comfortable for you).
Download the latest version of WinRAR from RARLAB
If you have Windows 11 with WinRAR, since it recently arrived in the operating system, you can use native support without problemssince this uses the most recent version.
What does the security flaw consist of?
Attackers can execute arbitrary code when a Windows user opens a filesuch as a PNG image, from a ZIP file. According to the TAG, the security flaw is “a logical vulnerability in WinRAR that causes the expansion of strange temporary files when processing compressed files, combined with a quirk in Windows’ ShellExecutive implementation when attempting to open a file with an extension containing spaces.”
This bug It has been primarily used to attack cryptocurrency accounts since April 2023. Although the worst thing is that certain Hacker groups backed by governments of countries, such as China and Russia, have taken advantage of this. Regardless of whether you use cryptocurrencies, we recommend that you update to the latest version of the program, which is one of the most famous to unzip files.
