Re: [FD] WinRAR SFX v5.21 - Remote Code Execution Vulnerability

In fact, a SXF file type can only try to access a specific URL (server's attacker). Then the attacker exploits a Microsoft's vulnerability (ms14-064). The WinRAR file doesn't allow RCE by itself.

Source: Gmail -> IFTTT-> Blogger