WinRAR security issue more wide-reaching than thought [Update]
A recently disclosed security issue in the archiving software WinRAR is affecting other software programs as well.
The developers of WinRAR released version 6.23 of the popular archiving software earlier this month. The release included a security fix that addressed a major out of bounds issue. Malicious actors can exploit the vulnerability to execute code on devices that run earlier versions of WinRAR.
Users who open specially crafted WinRAR archives on their devices may fall pray to the attack. The downloading of such a specially crafted archive and the opening of it on the user's system is sufficient to allow attackers to execute arbitrary code on the device.
The issue, which is identified as CVE-2023-40477, is a high-severity vulnerability found in the processing of recovery volumes. The update to WinRAR 6.23 addresses the vulnerability and WinRAR users should install the update as soon as possible to protect their devices against potential exploits of the vulnerability.
Update: we confirmed with WinRAR that the two DLL files are not vulnerable to the security issue. While it may still make sense to update these to the latest version, the reported security issue can't be exploited in third-party programs that utilize these libraries. End
The libraries unrar.dll and unrar64.dll, used by third-party applications, are also vulnerable. While some applications have released updates to resolve the issue, others are still using older versions of the library files, which remain vulnerable.
Administrators and home users may want to run searches for the two library files on their devices, or check the directories of applications that use the files specifically, to find out if patched versions are installed.
The latest update date may also provide clues regarding the vulnerability. If the last update has been released before August 2, 2023, the library files are likely vulnerable. Opening RAR archives in these third-party applications may therefore also fall pray to attacks targeting the vulnerability.
Microsoft is currently testing the integration of support for various archive formats, including RAR but also 7-ZIP and others, in its Windows 11 operating system. The Windows 11 implementation relies on libarchive and not on the two rar library files.
WinRAR users may select Help > About WinRAR in the application to display the installed version. The latest version of WinRAR can be downloaded from the official website.
Now You: do you use WinRAR or another software to open and create archives?Advertisement