19-year-old vulnerability in WinRAR finally fixed

Flaw affecting 500 million users could enable hackers to execute remote code

Security flaw

Security researchers have discovered a bug in the WinRAR file compression application that can allow hackers to execute code remotely. The flaw has existed in all versions of the software for the last 19 years.

According to a blog post by researchers at Check Point Software, the exploit works by just extracting an archive, and puts over 500 million users at risk.

Advertisement - Article continues below

"We found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim's computer," said Nadav Grossman of Check Point Software.

"The exploit works by just extracting an archive and puts over 500 million users at risk. This vulnerability has existed for over 19 years(!) and forced WinRAR to completely drop support for the vulnerable format."

The flaw exists in the UNACEV2.DLL library included with all WinRAR versions. This library is used for parsing ACE (a data compression archive file format) archives.

Researchers found a path-traversal flaw that enables hackers to extract executable files into a computer's startup folder. This means that programs would run automatically whenever a system is booted up. All an attacker has to do is make a victim open a malicious archive file using WinRAR.

In response, WinRAR has dropped UNACEV2.dll from their package to fix the problem and has released WINRar version 5.70 beta 1 that doesn't support the ACE format. vWinRAR said that UNACEV2.DLL had not been updated since 2005 and it no longer has access to its source code.

Advertisement
Advertisement - Article continues below

The flaw is tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers.

Windows users are advised to install the latest version of WinRAR as soon as possible and avoid opening files received from unknown sources.

Featured Resources

Preparing for long-term remote working after COVID-19

Learn how to safely and securely enable your remote workforce

Download now

Cloud vs on-premise storage: What’s right for you?

Key considerations driving document storage decisions for businesses

Download now

Staying ahead of the game in the world of data

Create successful marketing campaigns by understanding your customers better

Download now

Transforming productivity

Solutions that facilitate work at full speed

Download now
Advertisement

Recommended

Visit/security/ransomware/356292/university-of-california-gets-fleeced-by-hackers-for-114-million
ransomware

University of California gets fleeced by hackers for $1.14 million

30 Jun 2020
Visit/security/cyber-security/356289/australia-announces-135b-investment-in-cybersecurity
cyber security

Australia announces $1.35 billion investment in cyber security

30 Jun 2020
Visit/cloud/cloud-security/356288/csa-and-issa-form-cybersecurity-partnership
cloud security

CSA and ISSA form cyber security partnership

30 Jun 2020
Visit/business/policy-legislation/356215/senators-propose-a-bill-aimed-at-ending-warrant-proof-encryption
Policy & legislation

Senators propose a bill aimed at ending warrant-proof encryption

24 Jun 2020

Most Popular

Visit/business/business-operations/356395/nvidia-overtakes-intel-as-most-valuable-us-chipmaker
Business operations

Nvidia overtakes Intel as most valuable US chipmaker

9 Jul 2020
Visit/laptops/29190/how-to-find-ram-speed-size-and-type
Laptops

How to find RAM speed, size and type

24 Jun 2020
Visit/server-storage/servers/356083/the-best-server-solution-for-your-smb
Sponsored

The best server solution for your SMB

26 Jun 2020