In populyarnom the WinRAR archiver vulnerability exists which threatens the security of cryptocurrency wallets. It is noteworthy that the bug that allowed you to insert executable code into the system after opening the rar file, apparently, has been around for 14 years, but was discovered only recently. Now, when it is well known, it is likely that nephropathogenic systems will be written exploits.
Update WinRAR to the latest version (from official source) fixes the problem. But WinRAR is one of the most popular programs, which has about 500 million users. In the Bitcoin subreddit, one user writes:
Here’s how it works. You open a malicious rar file nepropitannoy version of Winrar, and the payload is placed in the Windows startup folder. This means that when you reboot you download the. exe. And you know what? No one ever updates the Winrar… So there are probably at least 100 million computers nepropitannoy version of Winrar.
Running code means that something designed to steal funds from bitcoin wallets, and may quite easily spread in the system. In this regard, it is not recommended to install bitcoin software on General purpose computers. If so, antivirus software is a must. In the end, it all depends on what you are willing to risk.
This error is a result of library use WinRAR to handle files of ACE. WinRAR developers decided not to support the ACE files:
WinRAR has always been known for broad support for all popular compression formats. Since UNACEV2.DLL not been updated since 2005, and access it’s source code is not available, it was decided to abandon support for ACE archives, starting with WinRAR 5.70. Now, after the release of stable version of WinRAR 5.70, it is strongly recommended to upgrade to the new version 5.70.
Source
