No idea why folks still use stuff like this when there are open source alternatives like 7zip and Nana Zip.
I use WinRAR (as a switch from 7-Zip) because it works well enough, is fast and stable and has good compression. For me, switching to another Windows archiver would have no merit.
Is security not a merit?
Honestly, this is like the first time I heard WinRAR has this big security vulnerability. But I am still planning to stay on WinRAR given its easy to use UI and unlimited free trial.
It is. Coincidentally, security was one of the reasons to uninstall 7-Zip.
There’s barely any CVEs on that page. It’s likely a security researcher did some fuzzing of the executable and found a few issues at once.
Have you looked at how many vulnerabilities there’s been in things like Windows, MacOS, Chrome, etc?
I have. The point is that there is no software without vulnerabilities.
The point is that there is no software without vulnerabilities.
Definitely true, but that conflicts with this:
Coincidentally, security was one of the reasons to uninstall 7-Zip.
If you uninstalled software because of security, you wouldn’t have any software left :)
Also true. I was probably too impatient when I bought a WinRAR license over night. But now I have it and I use it. :-)
The number of reported issues seems to be about the same with WinRAR: https://www.cvedetails.com/vulnerability-list/vendor_id-1914/product_id-3768/Rarlab-Winrar.html
Is WinRAR really faster, more stable, and has better compression than 7-Zip? I haven’t used WinRAR in probably over a decade at this point.
It depends. The RAR5 format used by newer WinRAR versions (the “old” one is still supported just well) can have smaller archives than 7z, but the opposite is also true. Still, yes, WinRAR is in my experience faster and more stable.
(Note that “as small as possible” is not usually the most relevant point. The best compression is currently reached with the ZPAQ format, but using it with maximum compression settings is painfully slow.)
In a report released today, researchers from Group-IB said they discovered the WinRAR zero-day being used to target cryptocurrency and stock trading forums, where the hackers pretended to be other enthusiasts sharing their trading strategies.
These forum posts contained links to specially crafted WinRAR ZIP or RAR archives that pretended to include the shared trading strategy, consisting of PDFs, text files, and images.
I see an “invest in bitcoin” and I immediately think caveat emptor.
Thank heavens for Linux and 7zip.
Gee, I wonder whether it’s possible to have zero-day exploits on Linux and 7-Zip.
It is, but Linux has such a low desktop usage share that it wouldn’t really be considered as a target for hackers. I believe that hackers really only target Linux servers, not desktops.
How would a hacker even notice the difference between a Linux server and.a Linux desktop? Those are the same thing.
Barely anyone uses Linux, and among those who do, distros vary wildly enough between each other to the point of breaking viruses that it’s just not worth the effort to make viruses for them compared to Windows or Mac