heise online

WinRAR: Code smuggling vulnerability is being attacked

A security vulnerability in the WinRAR compression program, present until version 7.12 Beta 1, allows attackers to inject malicious code. Attacks exploiting this vulnerability have now been observed.
Threat Post

19-Year-Old WinRAR Flaw Plagues 500 Million Users

Users of the popular file-compression tool are urged to immediately update after a serious code-execution flaw was found in WinRAR. Popular Windows data compression tool WinRAR has patched a serious ...
TechSpot

Remote code execution vulnerability found in older versions of WinRAR, update it now

In brief: Last week, a researcher discovered a vulnerability in older trial versions of the WinRAR file compression software. It allows for remote code execution---essentially allowing an attacker to ...
Dark Reading

Patch Now: APTs Continue to Pummel WinRAR Bug

State-sponsored threat actors from Russia and China continue to throttle the remote code execution (RCE) WinRAR vulnerability in unpatched systems to deliver malware to targets. Researchers at ...
Ars Technica

Nasty code-execution bug in WinRAR threatened millions of users for 14 years

If you're one of the 500 million utility users, now would be a good time to patch.
heise online

Security update: Attackers can inject Winrar with malicious code

Attackers can exploit a security vulnerability in Winrar and attack Windows PCs with malicious code. The developers have closed the vulnerability in the current version. The vulnerability ...