> > WinRAR flaw lets hackers run programs when you open RAR archives
> >
> >
> https://www.bleepingcomputer.com/news/se...-programs-when-you-open-rar-archives/
> >
> > I have these files in my Ztree folder...
> >
> > unrar.dll 267,992 .a.. 5-23-23 12:28:50 pm
> > Version: 5.71.0 [5.71.100.3045]
> >
> > unrar64.dll 320,728 .a.. 5-23-23 12:28:50 pm
> > Version: 5.71.0 [5.71.100.3045]
> >
> > Should I be worried?
>
> Paul,
>
> You need not be worried unless you open RAR files that come from
> questionable sources.
>
> The DLL versions you have are supplied by Kim in his updates. The dates
> of those files are actually 4-27-19 (not 5-23-23).
>
> As noted by BleepingComputer, the current version which fixes the flaw
> is 6.23.0. I expect Kim will provide the updated versions in his next
> Zeta.
>
> Meanwhile, if you are still concerned, you can download the
> UnRARDLL.exe package here:
> https://www.rarlab.com/rar/UnRARDLL.exe
> extract those two files from that, and replace them in your ZTree
> directory.
>
> - John

I forget whether this used to be an issue (I very rarely open RAR files in ZTW), but "O"pening an image inside an Alt-F5ed RAR file using the latest DLLs extracts the file to (for example):
C:\Users\johnl\AppData\Local\Temp\ZTMP000\tmpB803.tmp\image.jpg
But passes the path:
C:\Users\johnl\AppData\Local\Temp\ZTMP000\image.jpg
To the Image viewer, which then points out its unhappiness.