-{ Quote: "Critical: Highly critical

Impact: DoS
System access
Where: From remote
Solution Status: Vendor Patch" }-Secunia (http://secunia.com/advisories/29407/)

What happens with those of us who jumped on that free registered version a while back (3.51)? Should we "bite the bullet" and pay for an upgrade?

It's a good thing that I did not install the program. Just downloaded it a while back and left it as is. 8)

How can Secunia describe this as a "remote" vulnerability? WinRAR only deals with local files so an attacker would have to get their "special archive" onto a victim's system first, then persuade them to run WinRAR on it. It can't be exploited remotely.