The vulnerability was found by the firm Check Point last month. WinRar has more than 500 million users worldwide.
McAfee's Craig Schmugar wrote that one recent exploit piggybacked on a bootlegged copy of singer Ariana Grande's hit album Thank U Next, with a filename of Ariana_Grande-thank_u,_next(2019)_.rar.
"While a patched version, 5.70, was released on 26 February, attackers are releasing exploits in an effort to reach vulnerable systems before they can be patched," he said.
Malformed archive detected by McAfee.
"User Access Control is bypassed, so no alert is displayed to the user. The next time the system restarts, the malware is run," he said.
Most of the initial targets of the exploits were in the US.