WinRAR is one of the most downloaded Windows programs in history, has now been discovered to have a security vulnerability that risks millions of Windows users for nearly two decades.
The program, which allows us to compress files to collect them, has a vulnerability of 19 years, which threatens our computer.
The program, which allows us to compress files to collect them, has a vulnerability of 19 years, which threatens our computer.
Check Point researchers have posted technical details about this vulnerability in WinRAR, affecting all versions released in the last 14 years.
The flaw lies in how an old third-party library called UNACEV2.DLL was used by the program to extract compressed files in the ACE data compression format. In this way, the problem is that WinRAR detects file format based on its content, not the extension, so you can simply change the ACE extension. To RAR. To look like a normal file.
"Access path bugs allow hackers to extract compressed files in a folder of their choice instead of the folder chosen by the user himself," the researchers said. "This provides an opportunity for malicious code to be placed in the Windows startup folder, which will run automatically when restarting."
The flaw lies in how an old third-party library called UNACEV2.DLL was used by the program to extract compressed files in the ACE data compression format. In this way, the problem is that WinRAR detects file format based on its content, not the extension, so you can simply change the ACE extension. To RAR. To look like a normal file.
"Access path bugs allow hackers to extract compressed files in a folder of their choice instead of the folder chosen by the user himself," the researchers said. "This provides an opportunity for malicious code to be placed in the Windows startup folder, which will run automatically when restarting."
The solution that WinRAR should follow is to delete the UNACEV2.DLL library that was included in the WinRAR program in 2005, but lost its source code, so the solution they chose was to delete the file directly to fix this security flaw, which they did when it was canceled Full support for ACE in the current 5.70 beta version of the Winrar program, and they thanked researchers at Check Point Software for notifying them of this failure.
