Windows data compression tool WinRAR has patched a serious 19-year-old security flaw that was discovered on its platform, potentially impacting 500 million users. The path-traversal vulnerability could allow bad actors to remotely execute malicious code on victims machines simply by persuading them to open a file. The vulnerability was fixed in January, but the tool has now dropped support for the vulnerable archive format in the new Beta version 5.70 beta 1. The exploit works by just extracting an archive, and puts the vulnerability at risk, researchers said.
Source: https://threatpost.com/winrar-flaw-500-million-users/142080/