A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts.
Honestly, this is like the first time I heard WinRAR has this big security vulnerability.
But I am still planning to stay on WinRAR given its easy to use UI and unlimited free trial.
Is security not a merit?
Honestly, this is like the first time I heard WinRAR has this big security vulnerability. But I am still planning to stay on WinRAR given its easy to use UI and unlimited free trial.
It is. Coincidentally, security was one of the reasons to uninstall 7-Zip.
There’s barely any CVEs on that page. It’s likely a security researcher did some fuzzing of the executable and found a few issues at once.
Have you looked at how many vulnerabilities there’s been in things like Windows, MacOS, Chrome, etc?
I have. The point is that there is no software without vulnerabilities.
Definitely true, but that conflicts with this:
If you uninstalled software because of security, you wouldn’t have any software left :)
Also true. I was probably too impatient when I bought a WinRAR license over night. But now I have it and I use it. :-)
Y-you paid for WinRAR?
I even own legitimate Total Commander and mIRC licenses!
Wow, a real unicorn! 🦄
I’m sure they’re still celebrating someone purchasing a license :)
The number of reported issues seems to be about the same with WinRAR: https://www.cvedetails.com/vulnerability-list/vendor_id-1914/product_id-3768/Rarlab-Winrar.html