WinRAR is one of those most popular file archiver utilities for Windows that almost everybody has used. Most of the people could not actually remember where the file compression tool came from or how does it work, but it’s just there on their system & always has been.
So, even if you’re one of those 500 million people who’ve used the software or have no idea about why it’s sitting on your computer, we have bad news for you!
Recently, a bunch of security researchers and experts at Check Point Software have discovered a 19-year old security vulnerability in the software that could put millions of people at risk.
What Actually Happened?
The vulnerability allowed hackers to manipulate WinRAR into extracting a malicious program to the victim’s PC’s startup folder by renaming an ACE File with a RAR extension. Once renamed, the program could run automatically when PC boots and can cause a lot of harm to the system.
The researchers explained the whole scenario in a blog post that how hackers could manipulate the software to target the victim & how this flaw went undetected for 19 years.
According to them, “An attacker can craft a poisoned ACE archive, disguised as a RAR file, that, when opened by WinRAR, exploits a path traversal flaw in unacev2.dll to trick the archiving tool into extracting the files into a path of the attacker’s choosing. This alone would be a potentially bad flaw but, in some situations, however, the bug could pose a critical risk.”
Know More:- Zip Slip: How Zip Files Are Becoming Vulnerable?
WinRAR’s Take Over The Whole Scenario!
Just after the security experts at Check Point Software informed WinRAR about their findings. The company immediately patched the vulnerability & released a version 5.7 beta 1 in which it entirely dropped the support for ACE archives.
Looks like, rather than working out on the issue & fixing it, the company choose to just kill of their support for ACE.
Though no attacks were reported, but 19 years is a quite long time to retain such a flaw with 500 million users potentially exposed to the threat. Users of this popular file compression program are requested to immediately update the software!
Moral of the story: What you did on your system 20 years ago can indeed come back to harm you!
Leave a Reply