Jump to content
  • PSA: Update your WinRAR copy to fix an actively exploited security vulnerability


    Karlston

    • 883 views
    • 2 minutes
     Share


    • 883 views
    • 2 minutes

    Google Threat Analysis Group (TAG) has published details about a newly found vulnerability in WinRAR, a truly legendary piece of Windows software. According to TAG, numerous government-backed actors have been actively exploiting the vulnerability since the beginning of this year. What makes the situation much worse is that WinRAR has no automatic update mechanisms. Therefore, you need to update the app manually to version 6.23 or 6.24 to avoid the risk.

     

    CVE-2023-38831 is a logical vulnerability that causes irrelevant expansion of a temporary file combined with specifics of Windows' ShellExecute when opening a file containing a space in its extension (.png_, for example). That results in hackers being able to execute arbitrary code when the target user opens an innocent-looking file, such as a PDF or PNG, within a ZIP archive.

     

    According to Google (via The Verge), multiple government-baked groups have been actively using the vulnerability to steal data and crypto. For example, the SANDWORM group launched an email campaign targeting Ukraine's energy sector with a decoy PDF document that looks like a training program for drone operators.

     

    Google's TAG says the vulnerability is highly effective, even though there is a patch to resolve it. It highlights the importance of servicing your software and ensuring it is up to date. Sadly, one of the most popular Windows apps still has no built-in update mechanisms, which is why the vulnerability has been so effective.

     

    WinRAR users have three options: update WinRAR and continue using it; ditch the app in favor of other options, such as 7Zip or its fork, NanaZIP; or stop using third-party apps altogether. The latest Windows 11 feature update introduced native support for many archive formats, such as RAR, TAR, 7Z, and more. And even though the upgraded File Explorer is not as fast as a dedicated app, it can still get the job done. Of course, if you frequently use archives, patching your WinRAR copy as soon as possible is the best option.

     

    Source

     


    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...