: The ZIP SFX module now refuses to process commands stored in archive comments if those comments are placed after the beginning of an Authenticode digital signature . This prevents malicious actors from hiding commands within a signature body to execute unauthorized actions.
: Additional measures were implemented to prevent the extraction of insecure links that could compromise a system. Functional and Usability Enhancements RarLab RAR 6.02
The update focused heavily on closing potential attack vectors related to digital signatures and self-extracting (SFX) archives: : The ZIP SFX module now refuses to
: Addressed an issue where entering a password longer than 127 characters in the console version could cause subsequent text to be misidentified as user input in later prompts. RarLab RAR 6.02
: The "File/Change drive" command now saves and restores the last folder visited on a drive if the user switches back to it during the same session. Bug Fixes and Format Support
