- Researchers discovered a critical remote execution vulnerability in WinRAR affecting millions of users.
- The flaw impacts all version of WinRAR released in the past 19 years.
- The flaw was discovered by security researchers at Check Point.
- The vulnerability can be exploited by attackers to gain full control over victims computer
Security researchers have discovered a critical remote execution vulnerability in WinRAR software affecting all versions released in the past 19 years.
WinRAR is a Windows file compression application with more than 500 users worldwide.
The flaw discovered by security researchers at Check Point which can be exploited by attackers to execute malicious code on the targeted system.
The flaw was a result of an Absolute Path Traversal bug that resides in the third party library called UNACEV2.DLL.The library is responsible for extracting archives in the ACE file format.
The flaw allows the attacker to archives the files to a folder of their choice rather than the folder chosen by the user.
The attacker could extract the file to Windows PC’s Startup folder where it would be automatically executed after the next reboot.
Here the attacker only needs to trick the user to open a malicious archive file using WinRAR.
The company lost access to UNACEV2.DLL library source code in 2005 and decided to drop support for ACE archive file formats
WinRAR has released version 5.70 beta 1 addressing the vulnerability on January 28 and all windows users are advised to update the application immediately.
Researchers also published a proof of concept demonstration video which can be seen below:
You may be interested in reading:Several Photo Editing Apps Found Stealing Users Photos