A bug in WinRAR that allows cybercriminals to infect your device by opening RAR files

The important vulnerability that your version of WinRAR may have in your operating system, which you must update now to prevent hackers from accessing your computer.

WinRAR It is one of the computer programs that millions of people use to compress and decompress files, and although Microsoft is working on native compatibility, the truth is that many people still use third-party software and leave it installed on their operating system.

This carries many risks, because if you are not updated with WinRAR updates, and some account has some kind of vulnerability, you may end up putting your whole computer at risk.

And now Just a correction A very serious WinRAR vulnerability allowed executing external commands on a computer simply by opening a RAR file.

It is called judgment CVE-2023-40477 It may allow cyber criminals to execute arbitrary code on the target system, after opening an infected RAR file.

The vulnerability was originally discovered by the Zero Day Initiative, which was reported to RARLAB on June 8.

The update is now available

Two months later, on August 2, 2023, the organization released version 6.23 of WinRAR which fixed They are.

The researcher comments that the failure is present in the processing of recovery volumes and that the problem “This is due to the lack of proper validation of the data provided by the user, which may lead to memory access after the end of the allocated buffer“.

Even though the user needs to open the deceptive RAR file to infect the system, it wouldn’t be too difficult for cybercriminals to trick a large group of users by sending all kinds of spam messages and tricking them into opening the attached files.

See also  Chinese samples indicate that the moon cooled later than previously thought

As we said, WinRAR version 6.23 already fixed this bug, so you should install the update.

This release also fixes an issue with factory files causing an unsuccessful startup, which can also be a serious problem.

Leave a Reply

Your email address will not be published. Required fields are marked *