[Utilizer]

I use p7zip, actually, since it has better compression and more configuration options but I believe there are still some WinRAR users out there.

[Utilizer]

Ping...

[soycd]

Winrar uses are behind the eight ball. 7zip or homegrown C code is the only way.

[catnipman]

I quit using WinRAR sometime during the last century, I believe.

7zip is the only way to go.

btw, ANY SFX facility that lets you roll your own executable, including 7zsfx, can include malicious content, given that these bundles can contain any kind and amount of various executable codes, so this article contains no real news, and the issue is not specific to he WinRAR SFX.

Here’s a tip for everyone: on Windows, if a file ends in .exe, assume it will destroy your computer unless you are absolute certain that the source is 100% legitimate.

[Wayne07]

It worth noting that WinRar SFX is different product from plain WinRar,which the article does a poor job explaining.

WinRAR SFX = self extracting archive. It created an exe you run to decompress. It is inherently unsafe, so the exploit may not be such a big deal.

What most people sue is WinRAR, which compresses and decompresses .rar files. This is still safe.

[W.]

These days, I scan everything I download with 3 different programs. Better safe than sorry...

[TChad]

WinRAR itself is not the problem. It need not be patched.

http://www.rarlab.com/vuln_sfx_html2.htm

[rarestia]

I use p7zip, actually, since it has better compression and more configuration options but I believe there are still some WinRAR users out there.

7Zip all the way! WinRAR? I'm surprised to hear there are still legitimate copies of the software out there. I thought they went the way of WinZip.