Re: WinRAR SFX v5.21 – Remote Code Execution Vulnerability

Posted by Gynvael Coldwind on Oct 01

Correct me if I’m wrong, but the vulnerability can be summarized as: if you
run an untrusted .exe you might execute malicious code?

I hardly see this as giving anything new to the attacker who can just
create a malicious exe file, set the WinRAR SFX icon and send it to the
victim.

Keep in mind that not every unexpected behavior or software bug is a
security vulnerability.

(and no, potential AV bypass doesn’t make it a vulnerability…
