Hackers are exploiting critical WinRAR bug exposed last month

Towards the end of last month, security researchers revealed details of a critical bug in that stalwart of the compression world, WinRAR. The bug is many years old and although it relates to the rarely-used ACE format and has since been patched, it has been discovered hackers are actively exploiting it since it was made public. The 19-year-old bug in the file UNACEV2.DLL (CVE-2018-20250) allows for an attacker to execute malicious files hidden in compressed archives. Over 100 exploits have been found that take advantage of people who are yet to update to a secure version of the software... and… [Continue Reading]