silversurfer
Level 85
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
- Aug 17, 2014
- 10,057
WinRAR, one of the world's most popular Windows file compression applications, has patched last month a severe security flaw that can be abused to hijack users' systems just by tricking a WinRAR user into opening a malicious archive.
The vulnerability, discovered last year by security researchers from Check Point Software, impacts all WinRAR versions released in the last 19 years.
On its website, the WinRAR team boasts of having a userbase of over 500 million users, all of whom are most likely impacted. The good news for all WinRAR users is that WinRAR devs released an update to fix the issue last month.
According to a Check Point technical write-up that takes a deep dive into WinRAR's inner workings, the vulnerability resides in the UNACEV2.DLL library included with all WinRAR versions.
This library is responsible for unpacking archives in the ACE format. Check Point researchers discovered a way to build malicious ACE archives that when decompressed used coding flaws in this library to plant malicious files outside the intended decompression path destination.
WinRAR devs released WinRAR 5.70 Beta 1 on January 28 to address this vulnerability --tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers.
Download: WinRAR 5.70 Beta 1 32bit
Download: WinRAR 5.70 Beta 1 64bit