Eugene Roshal launched RAR in 1995, and it has remained a popular compression format for over three decades.
Nation-state groups and financially motivated cybercriminals are actively using this defect, primarily targeting military, government, and technology sectors for espionage.
The attacks are bypassing security by targeting users who still rely on outdated versions of the software. Key Details & Background Gztgbzukbzbuzbgu rar
Users must immediately update to the latest version of WinRAR (7.13 or newer) to patch the vulnerability. What is RAR and Why is it Used?
A path-traversal vulnerability allows attackers to create specially crafted archive files that, when opened, can execute malicious code on the victim's computer. Eugene Roshal launched RAR in 1995, and it
RAR files themselves are not inherently dangerous, but like any compressed format, they can disguise malware. In this case, the vulnerability allows the extraction process to trigger malicious activity.
As of January 2026, cybersecurity experts, including Google Threat Intelligence , are reporting active, widespread exploitation of a six-month-old vulnerability in WinRAR. Key Details & Background Users must immediately update
The flaw affects versions of WinRAR prior to 7.13 , which was released in mid-2025.