Friday , August 19 2022

They discover that WinRar has been facing a serious security problem for 15 years


Surely centenary they do not have an idea of ​​what we are talking about, but almost everyone with a computer in 2000 can admit that they use WinRar At some point In times of slow Internet connection this program was very useful in comparing the weight of several files and sharing them. It happened to those who downloaded files via eMule or Kazaa (a friend told us we never use them).

More than 15 years later researchers found at Check Point Software a security error who was present in this well-known program and which allowed anyone to run malware in our computer.

WinRar, the classic program used to compress and decompile files.
WinRar, the classic program used to compress and decompile files.

This failure was able to customize the file extraction path, independent of what the user decides. In other words, a compressed document may have the extraction folder already configured, and it does not matter what we tell the program to pull in another folder.

If the attacker gets someone to open the file with WinRar, it could operate a remote code on the victim's computer.

Y bug (or error) in a Windows library of the name unacev2.dll used only to analyze ACE files, very old compression format and very little. WinRar uses this third-party library to decompress this type of document.

However, that library It has not been updated since 2005, since WinRar does not have access to the code and thus can not correct the failure. They have only now decided to delete the support to ACE in the current beta version 5.70.

Source link