In what they call a rare instance of jumping the gun, researchers at Malwarebytes have retracted claims that a WinRAR SFX version 5.21 vulnerability left users open to attack and noted that the product is not malicious nor is it being targeted by malicious files.
Last month researchers at the firm wrote in a blog, which has since been removed, that a flaw in WinRAR could allow a remote attacker to create a compressed file and execute code on the victim's computer when the victim opens an infected compressed SFX archive.
But in a Wednesday blog, Adam Kujawa, head of malware intelligence at Malwarebytes said, "What we described in our post was simply a new attack vector that could mask itself as any executable." Kujawa said the original post had echoed reporting from the Full-Disclosure mailing list.
Kujawa apologized to WinRAR and its users, adding that Malwarebytes is performing their own in-depth analysis of WinRAR.
