• Donate
    TheWindowsForum.com needs donations to stay online!
    Love TheWindowsForum.com? Then help keep it alive by sending a donation!

WinRAR flaw lets hackers run programs when you open RAR archives

WELCOME TO THEWINDOWSFORUM COMMUNITY!

Our community has more than 63,000 registered members, and we'd love to have you as a member. Join us and take part in our unbiased discussions among people of all different backgrounds about Windows OS, Software, Hardware and more.

Register Log in
ThumperTM

ThumperTM

La Patróna
Aug 18, 2010
13,697
9,429
WinRAR


A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.

The vulnerability was discovered by researcher "goodbyeselene" of Zero Day Initiative, who reported the flaw to the vendor, RARLAB, on June 8th, 2023.

"The specific flaw exists within the processing of recovery volumes," reads the security advisory released on ZDI's site.

"The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer."

As a target needs to trick a victim into opening an archive, the vulnerability's severity rating drops down to 7.8, as per the CVSS.

However, from a practical perspective, deceiving users into performing the required action shouldn't be overly challenging, and given the vast size of WinRAR's user base, attackers have ample opportunities for successful exploitation.

Mitigating the risk​

RARLAB released WinRAR version 6.23 on August 2nd, 2023, effectively addressing CVE-2023-40477. Therefore, WinRAR users are strongly advised to apply the available security update immediately.

Apart from the RAR4 recovery volumes processing code fix, version 6.23 addresses an issue with specially crafted archives leading to wrong file initiation, which is also considered a high-severity problem.

It should also be noted that Microsoft is now testing native support on Windows 11 for RAR, 7-Zip, and GZ files, so third-party software like WinRAR will no longer be required in this version unless its advanced features are needed.

Those continuing to use WinRAR must keep the software updated, as similar flaws in the past were abused by hackers to install malware.

Apart from that, being cautious with what RAR files you open and using an antivirus tool that can scan archives would be a good security measure.

Source: bleepingcomputer
 
You must log in or register to reply here.

Similar threads

hacxx
Register WinRAR (All versions) - With only one cmd.exe command
Replies
3
Views
2K
hacxx
hacxx
Z
help with winrar 6.11 Final installation please
Replies
10
Views
3K
hacxx
hacxx
ThumperTM
Winrar - Elon Musk
Replies
14
Views
5K
Hotrod369
Hotrod369
alpha1911
[File Compression] Freeware alternatives for WINRAR/WINZIP
Replies
9
Views
16K
razakashif
R
M
Need help installing winrar
Replies
3
Views
2K
ThumperTM
ThumperTM

Latest posts

Back