The National Forum   Donate   Your Account   On Line Opinion   Forum   Blogs   Polling   About   
The Forum - On Line Opinion's article discussion area



Syndicate
RSS/XML


RSS 2.0

Main Articles General

Sign In      Register

The Forum > General Discussion > Warning - If you have Winrar installed please read.

Warning - If you have Winrar installed please read.

  1. Pages:
  2. Page 1
  3. All
Last month a 19-year-old bug was discovered in WinRAR, the software many PC users use to extract .zip and other files on their computer. While the company was quick to patch the bug, that match requires users to update their software in order to be safe ó and a lot of people havenít yet.

Hereís the deal according to WinRAR:

WinRAR has always been known for its wide support of all popular compression formats. A recent report by Check Point Software revealed a potential security vulnerability in the UNACEV2.DLL library, which was used in former versions of WinRAR to decompress ACE archives. There havenít been any reported attacks so far, but to provide WinRAR users with a stable and clean version, the final version of WinRAR 5.70 has been released. Since UNACEV2.DLL had not been updated since 2005 and access to its source code is not available, the decision was made to drop ACE archive support starting with WinRAR 5.70. Now, after the launch of the final and stable version of WinRAR 5.70, upgrading immediately to the new 5.70 version is highly recommended.

To users who are not interested in an upgrade or who donít find a localized version of WinRAR 5.70 yet, win.rar GmbHís advice is to delete the UNACEV2.DLL file from their current WinRAR version to be reliably protected again. All users of WinRAR 5.10 or any newer version can find the UNACEV2.DLL file in the WinRAR program folder. WinRAR users of versions older than 5.10, can find the UNACEV2.DLL file in the Formats subfolder of the WinRAR program.

According to McAfee, there are more than 100 unique exploits that can occur thanks to the bug, including one where hackers can extract a malicious file onto your computerís startup folder that will automatically run the next time the computer is rebooted. Not ideal.

Luckily, thereís a quick and easy way to protect yourself against the bug and all the nefarious things that potentially come along with it: just update the software.

The current fixed version is 5.70.
Posted by Philip S, Sunday, 17 March 2019 6:08:46 PM
Find out more about this user Recommend this comment for deletion Return to top of page Return to Forum Main Page Copy comment URL to clipboard
  1. Pages:
  2. Page 1
  3. All

About Us :: Search :: Discuss :: Feedback :: Legals :: Privacy