Tom's Hardware WinRAR exploit reportedly remains widely-used by China and Russia state actors despite patch — vulnerability allows malicious archives to deliver a hidden payload to Windows Startup folder
Google says that a WinRAR exploit that has been patched six months ago remain a popular attack vector, especially for state-sponsored threat actors. The vulnerability allows malicious archives to install malware on critical Windows folders.