New Zero-day Vulnerability Puts Millions at Risk
If you compress and decompress files with WinRAR, your server or workstation and any accessible data are susceptible to a new Zero-day Vulnerability. WinRAR is one of the most widely used utility programs worldwide. This unpatched Zero-day vulnerability puts millions of users at risk, potentially compromising their devices and data.
WinRAR is an application used to compress and extract files that are often too large to be sent through most email services. This vulnerability uses an SFX file, a self-extracting file, embedded in the application to make it easy for attackers to access your machines.
You only have to click on the shared file, not even open it, and the hacker will be able to execute the remote code on your PC to initiate the cyberattack. Once the code is executed, the attacker gains access to your computer, allowing full administrative control. Victims will not be warned or alerted that their systems have been compromised.
It is highly recommended that you DO NOT click on any file shared via the WinRAR application. Your safest step is to uninstall this program until there is a patch to correct this vulnerability. Free programs are available for download, in place of the WinRAR application, like WinZip or 7Zip.
To learn more about Zero-day Vulnerabilities and ways to protect yourself, contact Twinstate Technologies®.
Originally published on 09/30/2015
Topic: Firewalls & Network Security
![Red Team Services: Introduction to Vulnerability Assessments [Free ebook]](http://www.twinstate.com/hubfs/pexels-photo-249203.jpeg)
