https://www.theregister.c...ed_ccleaner_downloads/

Only affected the 32-bit binary it seems so if you're on 64-bit you should be unaffected. Just goes to prove the old adage: the only safe network connection is an air gap.

Apparently the destination server was taken down before the payload executed in the wild but goes to show how careful you need to be.

Lots more info on line. Thanks for sharing though - good spot.

Sloppy controls on their part, but at least it only affected version 5.33.6162 in the 32-bit flavor.
 
http://www.piriform.com/news/blog/2017/9/18/security-notification-for-ccleaner-v5336162-and-ccleaner-cloud-v1073191-for-32-bit-windows-users
 
I was still running v5.31, so it sometimes pays to be a slow updater.  Not to mention that I use 64-bit as well.  Strange that the hackers only targeted 32-bit, but no complaints here.
 
I also block outbound network connections with firewall by default, except for those applications that absolutely need it.  Hopefully that will reduce the impact of any trusted and signed programs that get back-doored like this.

I have been using this for a long time.

Luckily I hadn't updated in awhile. I do like the program though. How do you guys feel about using it going forward?

I didn't have the bad version but I am going to continue using it going forward. I only launch it when I clean stuff up and always backup my registry beforehand. 
I run Malwarebytes (full version) with all options on along with Windows AV and Firewall. I also run cloud and local backups so I hope I am covered. 
 
It is just a bummer that so many titles are prone to hacking. I have dealt with my health insurance carrier 2 years ago and now bigger and badder problems these days. I don't think really any software is perfectly safe from hackers so we just have to beware and have good protection in place. 

Backups ... backups ... backups ...

Yeah, I have Norton... Will probably just keep using CCleaner regardless

I did a regular manual scan of my PC with Malwarebytes on the 19th (here in Japan) and it unexpectedly found a Trojan.
And where was it? In the CC folder.
So it was good to hear about this news soon after and put 2 and 2 together.
Unfortunately the software didn't tell me it was there until I scanned. I suppose that's what manual and automatic scan schedules are for. I don't worry too much about these things. Malwarebytes removed or quarantined it and I enjoy tinkering (although tinkering was the reason I updated CCleaner which caused the issue). I look forward to reformatting and reinstalling everything with the Windows 10 Fall update in October.
 
Here's the record:

GjB
I did a regular manual scan of my PC with Malwarebytes on the 19th (here in Japan) and it unexpectedly found a Trojan.
And where was it? In the CC folder.
So it was good to hear about this news soon after and put 2 and 2 together.
Unfortunately the software didn't tell me it was there until I scanned. I suppose that's what manual and automatic scan schedules are for. I don't worry too much about these things. Malwarebytes removed or quarantined it and I enjoy tinkering (although tinkering was the reason I updated CCleaner which caused the issue). I look forward to reformatting and reinstalling everything with the Windows 10 Fall update in October.
 
Here's the record:

Very interesting!  I see that you are running a 64-bit version of Windows.  The trojan was only planted in the 32-bit installer of CCleaner.  So just curious, did you only have the 32-bit CCleaner installed?