WinRAR flaw could allow threat actors to run programs

August 22, 2023

A recently patched WinRAR flaw is a severe vulnerability that could allow hackers to execute commands on a device when a user opens an archive. The flaw is critical because the affected software is a well-known file archiver tool for Windows utilised by millions of users.

Researchers identify the flaw as CVE-2023-40477, which could provide remote attackers with arbitrary code execution on the target system once a user opens a specially crafted RAR archive. Based on reports, the researchers who uncovered the vulnerability notified RARLAB about it a few months ago.

 

The WinRAR flaw is present in the processing of recovery volumes.

 

Researchers found the WinRAR flaw within the processing of recovery volumes, and they explained this to RARLAB when they reported it.

The cause of the bug is allegedly the lack of proper validation of user-supplied data, which could result in a memory access past the end of an allocated buffer. The severity score of the flaw is 7.8 out of 10, since an attacker needs to deceive a victim into opening a file before the malicious code can run.

However, experts still warn users about the bug since threat actors could use various tactics to lure users into performing a required action. Additionally, potential attackers could have abundant opportunities for successful campaigns because of the enormous user base of WinRAR.

Fortunately, RARLAB released WinRAR version 6.23 earlier this month, which addresses the newly disclosed issue. Hence, users should apply the security update as soon as possible.

The new version also addresses an earlier issue in which specially crafted files could lead to the wrong file being launched. The latest release therefore fixes a couple of problems.

Furthermore, Microsoft is now testing native support on Windows 11 for RAR, GZ, and 7-Zip files, so third-party software will no longer be required in this version unless users need its advanced features.

Users who continue utilising WinRAR should ensure that their software is updated to prevent hackers from exploiting weaknesses in older versions. Experts advise users to be wary of opening RAR files, or to employ AV tools that can scan archives, to mitigate the chances of compromise.
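One way to check the update advice above on a Windows machine, as an added example that is not part of the original article: this PowerShell script reads the standard Windows uninstall registry entries and flags any WinRAR install older than 6.23. It assumes WinRAR registered an uninstall entry whose DisplayName begins with "WinRAR"; copies unpacked without the installer are not detected. The function name `ConvertTo-WinRarVersion` is hypothetical.

```powershell
# Added example: flag WinRAR installs older than 6.23, the fixed release named in the article.
# Assumption: the install wrote a standard Uninstall entry with a DisplayName starting "WinRAR".
$FixedVersion = [version]::new(6, 23, 0)

$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',             # 64-bit installs
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*', # 32-bit installs
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'              # per-user installs
)

function ConvertTo-WinRarVersion {
    param([string]$Text)
    # Extract "major.minor[.build]" from strings such as "6.23.0" or "WinRAR 6.22 (64-bit)".
    if ($Text -match '(\d+)\.(\d+)(?:\.(\d+))?') {
        $build = 0
        if ($Matches[3]) { $build = [int]$Matches[3] }
        return [version]::new([int]$Matches[1], [int]$Matches[2], $build)
    }
    return $null
}

$findings = foreach ($root in $uninstallRoots) {
    Get-ItemProperty -Path $root -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'WinRAR*' } |
        ForEach-Object {
            # Prefer DisplayVersion; fall back to the version embedded in DisplayName.
            $source = $_.DisplayVersion
            if (-not $source) { $source = $_.DisplayName }
            $ver = ConvertTo-WinRarVersion $source

            if (-not $ver) { $status = 'UNKNOWN' }
            elseif ($ver -lt $FixedVersion) { $status = 'NEEDS UPDATE' }
            else { $status = 'OK' }

            [pscustomobject]@{
                Computer    = $env:COMPUTERNAME
                DisplayName = $_.DisplayName
                Version     = $ver
                Status      = $status
            }
        }
}

if ($findings) { $findings | Format-Table -AutoSize }
else { Write-Output 'No registered WinRAR install found.' }
```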
