• AutoTL;DR@lemmings.worldB
    link
    fedilink
    English
    arrow-up
    20
    arrow-down
    1
    ·
    1 year ago

    This is the best summary I could come up with:


    The issue was discovered by Google’s Threat Analysis Group (TAG), which discussed the problem in depth in a blog post.

    The issue allows an attacker to execute arbitrary code when someone opens a zipped file.

    "Cybercrime groups began exploiting the vulnerability in early 2023, when the bug was still unknown to defenders.

    “TAG has observed government-backed actors from a number of countries exploiting the WinRAR vulnerability as part of their operations.”

    While WinRAR is a useful piece of software used by over half a billion people, it is perhaps more famous as a meme or as the butt of jokes.

    When Microsoft announced native support for the .rar file format, WinRAR shared a meme on Twitter (now called X).


    The original article contains 333 words, the summary contains 119 words. Saved 64%. I’m a bot and I’m open source!

  • hottari@lemmy.ml
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    TLDR Some folks just never update their software. Idk if this is just a Windows problem but damn. I remember reading about this 0-day months ago and thinking to myself malware groups will have a field day before the vulnerability finally becomes dead just because of this.

  • Koen967@feddit.nl
    link
    fedilink
    arrow-up
    5
    arrow-down
    51
    ·
    1 year ago

    Maybe because of the fact that they can’t pay their staff, because nobody pays to use their product.

    • MrScottyTay@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      11
      arrow-down
      1
      ·
      1 year ago

      I’ve paid for winrar because I decided I’ve used it for the better half of my life and well kindly keep using it and getting rid of that pop up whilst also giving back to soldering i use regularly was the right choice for me.

      • Nine@lemmy.world
        link
        fedilink
        arrow-up
        13
        arrow-down
        1
        ·
        1 year ago

        Likewise! Once I finally started making real money I tried to buy software I pirated early on. Even if I don’t currently use it.

    • Kecessa@sh.itjust.works
      link
      fedilink
      arrow-up
      10
      arrow-down
      16
      ·
      edit-2
      1 year ago

      I paid for it 🤷 that’s how devs can afford to keep working on their open source projects in the long run.

      Wrong wording due to posting early in the morning, meant any independent work…

        • Kecessa@sh.itjust.works
          link
          fedilink
          arrow-up
          6
          arrow-down
          1
          ·
          edit-2
          1 year ago

          Early in the morning post, worded that wrong, but the sentiment is the same, open source or independent projects, the creators need something in return to keep working on them

      • MuhammadJesusGaySex@lemmy.world
        link
        fedilink
        arrow-up
        14
        arrow-down
        3
        ·
        1 year ago

        I paid for it too. I mean fuck man. I’ve been using winrar for almost 30 years. That’s more than I can say for most things in my life. I figured it was the least I could do.

        • Dumbkid@lemmy.dbzer0.com
          link
          fedilink
          English
          arrow-up
          8
          ·
          1 year ago

          Same I bought the physical disk too, not like I have a disk drive. But now I have a licensed winrar disk

          • SokathHisEyesOpen@lemmy.ml
            link
            fedilink
            English
            arrow-up
            5
            ·
            edit-2
            1 year ago

            You guys are all Eugene Roshal alts. Aren’t you? Nice try Eugene!

            Edit: in reality I think Eugene is a badass who has done something really special in a world overflowing with greed.