
If you use WinRAR, update immediately to patch a serious zero-day vulnerability

Published Aug 23rd, 2023 5:20PM EDT


WinRAR users should update their software immediately, as reports of a zero-day vulnerability have surfaced. According to those reports, attackers have exploited WinRAR to install malware when a user clicks on seemingly harmless files in an archive, allowing them to breach multiple online cryptocurrency trading accounts.

WinRAR is a popular program for archiving and opening .rar and .zip files, and it is installed on countless systems around the world. This particular exploit, however, has only been active since April 2023, according to BleepingComputer. The vulnerability is tracked as CVE-2023-38831, and it has been used to distribute malware from the DarkMe, GuLoader, and Remcos RAT families.


The exploit allowed threat actors to create .rar and .zip archives containing malicious files that appeared innocent enough. When a victim opened one of these .jpg or text files, a script would execute and install malware on the targeted device. BleepingComputer tested the exploit using an archive shared by Group-IB, which originally discovered the campaign.

If you use WinRAR on your personal or business computer, then you should upgrade to WinRAR version 6.23, which was released on August 2, 2023. This version resolves the WinRAR zero-day and includes fixes for other WinRAR security vulnerabilities that have cropped up over the past few months.
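For anyone responsible for more than one Windows machine, the check below reports every registered WinRAR install and whether it is older than 6.23. It is an added example, not code from BGR, BleepingComputer, or WinRAR; it assumes WinRAR registers itself in the standard Windows uninstall registry locations with a display name starting with "WinRAR", and the function names are made up for illustration.

```powershell
# Added example: audit installed WinRAR versions against the fixed release (6.23).
$FixedVersion = [version]'6.23'

# Standard Windows uninstall locations: 64-bit, 32-bit on 64-bit, and per-user.
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# Hypothetical helper: keep the leading dotted-numeric part of a version string,
# so "6.23.0" parses as 6.23.0 and "6.22 beta 1" parses as 6.22.
function ConvertTo-ComparableVersion {
    param([string]$Text)
    if ($Text -match '^\s*(\d+(?:\.\d+){1,3})') {
        return [version]$Matches[1]
    }
    return $null   # empty or non-numeric version string
}

# Hypothetical helper: list WinRAR installs (assumed DisplayName prefix "WinRAR").
function Get-WinRarInstall {
    Get-ItemProperty -Path $UninstallRoots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'WinRAR*' } |
        ForEach-Object {
            $parsed = ConvertTo-ComparableVersion $_.DisplayVersion
            if (-not $parsed) {
                $status = 'Unknown version, check manually'
            }
            elseif ($parsed -lt $FixedVersion) {
                $status = 'Update required'
            }
            else {
                $status = 'OK'
            }
            [pscustomobject]@{
                Computer    = $env:COMPUTERNAME
                DisplayName = $_.DisplayName
                Version     = $_.DisplayVersion
                Status      = $status
            }
        }
}

Get-WinRarInstall | Format-Table -AutoSize
```

An empty result only means no install is registered in those locations; portable copies of WinRAR that were never installed will not appear.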

The exploit appears to have been intended to target crypto traders, but that doesn’t mean you should rule yourself out: bad actors like this usually cast a wide net, hoping to catch as many unsuspecting users as possible. In recent history, we’ve seen zero-day exploits pop up for other popular software and apps, including a Chrome zero-day exploit back in December 2022 and even exploits for ChatGPT as early as April 2023.

When these exploits are uncovered, the best thing you can do is update your software as soon as possible and avoid clicking on any files you do not recognize.

Josh Hawkins has been writing for over a decade, covering science, gaming, and tech culture. He also is a top-rated product reviewer with experience in extensively researched product comparisons, headphones, and gaming devices.

Whenever he isn’t busy writing about tech or gadgets, he can usually be found enjoying a new world in a video game, or tinkering with something on his computer.