Date:22/02/19
WinRAR has patched a 19-year-old security vulnerability that allowed attackers to extract malicious software to anywhere on your hard drive. The vulnerability was discovered by researchers at Check Point Software Technologies, who realised that WinRAR’s support for the effectively defunct ACE archive format meant that it was still relying on an insecure and dated DLL file from 2006.
The researchers have compiled a lengthy blog post explaining how they discovered the bug, but a short video tells you everything you need to know about how it works. Simply by renaming an ACE file to give it a RAR extension you can get WinRAR to extract a malicious program to a computer’s startup folder, meaning it will run automatically the next time the computer boots up.
After the security researchers informed WinRAR of their findings, the team patched the vulnerability with version 5.70 beta 1 of the software. Rather than attempt to fix the issue, the team opted to drop support for ACE archives entirely, which was probably the sensible option considering the only program capable of creating the archives, WinACE, hasn’t been updated since 2007.
It’s unclear if any attacks have used this exploit in the 19 years it’s existed, but with 500 million WinRAR users worldwide they had plenty of opportunities to do so. If you’re one of these users then it’s pretty critical that you update it at the earliest opportunity to ensure that you don’t fall prey to this exploit.
WinRAR patches 19-year-old security vulnerability that put millions at risk
WinRAR has patched a 19-year-old security vulnerability that allowed attackers to extract malicious software to anywhere on your hard drive. The vulnerability was discovered by researchers at Check Point Software Technologies, who realised that WinRAR’s support for the effectively defunct ACE archive format meant that it was still relying on an insecure and dated DLL file from 2006.The researchers have compiled a lengthy blog post explaining how they discovered the bug, but a short video tells you everything you need to know about how it works. Simply by renaming an ACE file to give it a RAR extension you can get WinRAR to extract a malicious program to a computer’s startup folder, meaning it will run automatically the next time the computer boots up.
After the security researchers informed WinRAR of their findings, the team patched the vulnerability with version 5.70 beta 1 of the software. Rather than attempt to fix the issue, the team opted to drop support for ACE archives entirely, which was probably the sensible option considering the only program capable of creating the archives, WinACE, hasn’t been updated since 2007.
It’s unclear if any attacks have used this exploit in the 19 years it’s existed, but with 500 million WinRAR users worldwide they had plenty of opportunities to do so. If you’re one of these users then it’s pretty critical that you update it at the earliest opportunity to ensure that you don’t fall prey to this exploit.
Views: 729
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
