The update scares me every time.
A 'missing in the path' install is making connections from a RAR Temp folder. It is in Windows Temp, but there should be a better and secure way of doing things.
I'm not even sure how the files are checked, with cert pinning or hashes or what, but my guess would be that it won't be impossible such updates to be intercepted and files switched. At minimum causing denial of service or update not passing or worst.
Also relying on any third party compression mechanism or libraries in a security product wouldn't make much sense to me having in mind that supply chain attacks are a thing and exploits in compression are not unheard of .. and when i highly privileged process is doing it sounds scary.
Hope I'm wrong here, it may be me not properly understanding things make me have this fears and it's just the jump scare from the strange connection from a strange location popping up.
