Slashdot Mirror

← Back to Stories (view on slashdot.org)

500 Million Users At Risk of Compromise Via Unpatched WinRAR Bug

Posted by samzenpus on from the protect-ya-neck dept.

An anonymous reader writes: A critical vulnerability has been found in the latest version of WinRAR, the popular file archiver and compressor utility for Windows, and can be exploited by remote attackers to compromise a machine on which the software is installed. "The issue is located in the 'Text and Icon' function of the 'Text to display in SFX window' module," Vulnerability Lab explained in a post on on the Full Disclosure mailing list. "Remote attackers are able to generate own compressed archives with malicious payloads to execute system specific codes for compromise."

3 of 129 comments (clear)

  1. Click-bait BS by pegr · · Score: 5, Insightful

    So a self-extracting RAR can be rigged to exploit your machine. A self-extracting RAR is an executable. So a executable from an untrusted source can exploit your box. Wake me when you have a real vulnerability.

    Oh, and samzenpus, that was the most clickbait bullshit Slashdot headline in months. You should be horsewhipped.

    1. Re:Click-bait BS by tlhIngan · · Score: 4, Insightful

      So a self-extracting RAR can be rigged to exploit your machine. A self-extracting RAR is an executable. So a executable from an untrusted source can exploit your box. Wake me when you have a real vulnerability.

      Actually, the problem is NOT the executable. The SFX part is NOT compromised at all. It's completely legitimate standard WinRAR SFX.

      However, the bug is that there's a buffer overflow in the SFX program - you can give it a malicious HTML file that cause it to execute code.

      The deal is that all a malicious user has to do is inject their file into a RAR archive and set a flag to have the SFX program show it as part of the SFX process. The SFX stub will check clean by all anti-virus because it's the same SFX stub as what WinRAR ships with.

      It's entirely possible that you cannot detect this - if the archive is password protected, for example, so you can't detect the bad HTML file at all. And the SFX will still check clean, but really infect your PC.

      The only workaround is to use WinRAR itself to open the SFX

  2. Can we finally admit WinRAR is terrible? by Anonymous Coward · · Score: 0, Insightful

    Can we finally admit WinRAR is terrible and annoying? Nobody cares about and extra few percent of zip style compression.

    Not that compression itself is bad. But we don't need like 5 competing formats that essentially get us to the same place while causing users a bunch more clicks and forcing them to install some crappy nagware.