19-Year-Old WinRAR Vulnerability Exploited Around the Globe

WinRAR, a popular file utility tool, has been found to have a 19-year-old vulnerability. Fortunately, WinRAR developers were able to remediate the problem shortly after the information went public. However, that’s not to say the issue has been entirely resolved.

To receive the patch, users must update the software themselves. If they do not, the known vulnerability will remain exposed. The issue is that, now that hackers are aware of the security gap, they have begun exploiting it around the globe.

Cyber criminals are using phishing emails with the malicious file CMSTray.exe attached. This executable file is meant to exploit the vulnerability left open within any unpatched WinRAR software.

To prevent the malware from running, users should update WinRAR to the latest 5.70 Beta 1 version. Then, users need to replace their existing security solution with one that deploys application whitelisting as its primary method of malware detection. Even if the software were left unpatched (which we do NOT recommend), the malicious file sent by the hackers would not be able to install on any device running a whitelisting agent, because CMSTray.exe is not a known, trusted file.
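To confirm that a machine is at or above the 5.70 release named above, the following added example (not from the original article) reads the version resource of each installed WinRAR.exe. It assumes WinRAR sits in its default install directory, and the function name `Get-WinRarPatchStatus` is hypothetical.

```powershell
# Added example: report whether installed WinRAR builds are at or above 5.70.
# Assumption: WinRAR is in its default install directory unless -Path is given.
function Get-WinRarPatchStatus {
    [CmdletBinding()]
    param(
        [string[]]$Path,
        [version]$MinimumVersion = '5.70'   # patched release named in the article
    )

    if (-not $Path) {
        # ProgramW6432 / ProgramFiles(x86) are unset on 32-bit Windows, so drop
        # empty roots and de-duplicate before building candidate paths.
        $Path = @($env:ProgramFiles, $env:ProgramW6432, ${env:ProgramFiles(x86)}) |
            Where-Object { $_ } | Select-Object -Unique |
            ForEach-Object { Join-Path $_ 'WinRAR\WinRAR.exe' }
    }

    foreach ($exe in $Path) {
        if (-not (Test-Path -LiteralPath $exe -PathType Leaf)) { continue }

        # Compare major.minor only, so beta and final builds of 5.70 both pass.
        $info  = (Get-Item -LiteralPath $exe).VersionInfo
        $found = New-Object System.Version $info.FileMajorPart, $info.FileMinorPart

        [pscustomobject]@{
            Path    = $exe
            Version = $found.ToString()
            Patched = ($found -ge $MinimumVersion)
        }
    }
}

$results = @(Get-WinRarPatchStatus)
if ($results.Count -eq 0) {
    Write-Output 'No WinRAR.exe found in the default install directories.'
} else {
    # Any row with Patched = False still needs the update.
    $results | Format-Table -AutoSize
}
```

For a copy installed elsewhere, pass its location with `-Path`.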

Stay protected!

The vulnerability being discussed is in no way related to PC Matic. It is, however, tied to WinRAR, which is a program that PC Matic will patch as those security patches become available. If you are uncertain whether WinRAR has been patched, you may run a security scan through PC Matic and follow all suggested enhancements. Once this is complete, be sure to reboot the PC to finalize all changes.
