RARLAB has released a security update to fix a vulnerability in WinRAR. A remote attacker could entice the target user into visiting a malicious page or opening a specially crafted archive file to exploit the vulnerability.
Please note that successful exploitation requires user interaction in that the target user must be lured into visiting a malicious page or opening a specially crafted archive file.
Successful exploitation of the vulnerability could lead to remote code execution on an affected system.
The software update for affected systems is now available. Since there is no auto-update option in WinRAR, users should take immediate action to manually update their WinRAR to versions 6.23 or later to mitigate the risk.