WinRAR Security Vulnerability Warning and the Importance of Updating
A critical vulnerability (CVE-2023-38831) has been discovered in older versions of WinRAR, allowing attackers to execute malicious code. Updating the software is the only way to protect yourself.
Updating software is the simplest yet most important action to stay safe.
WinRAR is one of the world's most popular file compression and extraction utilities. However, this popularity has also made it a target for hackers. The CVE-2023-38831 vulnerability allows an attacker to create special archive files (.zip or .rar) where, upon a user opening a seemingly harmless file (like a .jpg or .txt) inside the archive, a malicious script is executed silently in the background.
Who is Affected?
All users running WinRAR versions **prior to 6.23** are at risk. Attackers often distribute these malicious archives via phishing emails or unsafe software download sites.
How to Protect Yourself?
The most important action: Update WinRAR immediately. The developers have released version WinRAR 6.23 (and newer versions) to fully patch this vulnerability. Visit the official WinRAR website to download the latest update.
In addition to updating, follow these basic safety principles:
- Do not open archives from unknown sources: Be cautious with email attachments or download links from untrustworthy websites.
- Use antivirus software: An up-to-date antivirus program can detect and block malicious scripts.
- Consider alternatives: Open-source tools like 7-Zip are also powerful and secure options for file compression and extraction.
Also available in Vietnamese
Read Vietnamese version →