Recently patched critical code execution vulnerability in WinRaR, which is a popular windows file compression application that consists of almost 500 million users worldwide is under the exploitation carried out by individual hackers and many cybercriminal groups.
The threat that WinRar, the popular file compression application faces from potential hackers is because the file compression application does not consist of an auto-update feature that has made it easy for hackers to attack the application easily. The absence of an auto-update feature in the file compression application has made its users vulnerable to the various cyber attacks.
The bug present in the windows file compression application, WinRaR, that is the critical vulnerability ( cve-2018-20250), had been patched up last month by the team of WinRaR with the release of WinRAR version 5.70 beta 1 has impacted all the prior versions of WinRAR that had been released over the past 19 months.
The vulnerability residing in the windows file compression application, WinRAR is an absolute path traversal bug that is present in the old third-party library UNACEV2.DLL of WinRaR. This bug allows the potential hackers to access the files and then extract a compressed executable file from the ACE archive.