[ad_1]
Just about everyone who owned a computer in the last few decades has used WinRAR, the extremely popular file extraction and compression software. More than 500 million users worldwide use WinRAR for archiving. Almost none of these people paid the $ 29 it costs to use the software at the end of their trial period. Because I hate nag screens and do not like software piracy, I opted for free alternatives several years ago, but if you still use a version of WinRAR, it is best to update it at once to the latest version, WinRAR version 5.70 beta 1.
There seems to be a remote execution vulnerability in WinRAR for 19 years. According to Check Point Security researchers, an attacker could easily get total control of a computer, simply by extracting a questionable archive.
All thanks to a third-party library called UNACEV2.DLL that allows you to extract compressed files using the ACE compression format. There is no security check and allows the execution of code during the extraction. Since WinRAR verifies the files, not the extensions, a dirty ACE file can be renamed to a RAR file and falsified so that it does not interact with the user via the message boxes. It calls a Path Traversal vulnerability, allowing the exploit to extract files to an arbitrary path, including that of Windows startup.
Here is a proof of concept demonstration
In response, WinRAR discontinued ACE file support in the latest version of the software, to protect its users from potential risks. You can download WinRAR 5.70 beta 1 here.
Last update: February 21, 2019
[ad_2]
Source link