Customers are suggested to improve their WinRAR installations to repair two high-severity flaws that attackers might exploit to execute arbitrary code. The RAR archive format, which is related to WinRAR, has been abused and exploited by cybercriminals earlier than as a result of its lengthy historical past of utilization and recognition on the web.
Vulnerabilities might permit execution of malicious code
One of many vulnerabilities is tracked as CVE-2023-40477 and was discovered by a researcher utilizing the title goodbyeselene who reported it by means of Development Micro’s Zero Day Initiative (ZDI) program. It’s rated 7.7 on the CVSS scale, which correlates to excessive severity. “This vulnerability permits distant attackers to execute arbitrary code on affected installations of RARLAB WinRAR,” the ZDI advisory reads. “Consumer interplay is required to take advantage of this vulnerability in that the goal should go to a malicious web page or open a malicious file.”
The flaw is a buffer overflow situation that stems from the best way WinRAR processes restoration volumes (.REV recordsdata). Restoration volumes are particular recordsdata that WinRAR creates when an archive is cut up into a number of components (volumes) and permits this system to reconstruct a lacking or broken file in a quantity set. The difficulty is brought on by improper validation of user-supplied information in .REV recordsdata that can lead to reminiscence entry past the allotted buffer. This may be exploited to execute code within the context of the WinRAR course of.
The second vulnerability, talked about within the WinRAR 6.23 launch notes, can result in the execution of the fallacious file when the consumer double clicks on an merchandise inside a specifically crafted archive. Andrey Polovinkin from Group-IB’s Menace Intelligence unit is credited with reporting this subject, however it’s not clear if he found it himself or discovered it being utilized in assaults.
Lengthy historical past of attackers exploiting RAR
The RAR archive format dates again to 1993 and gained widespread recognition due to its good compression ratio and its means to create cut up archives — archives cut up into smaller components. This allowed the better distribution of huge recordsdata at a time within the early days of the web when community instability might simply end result within the corruption of downloaded recordsdata.
RAR remains to be fashionable at present regardless of being a proprietary format and in consequence Microsoft is testing native read-only assist for it and different archive codecs like 7z in Home windows 11. Till that’s carried out, customers should depend on the WinRAR archive supervisor to create or unpack such archives, and in accordance with this system’s builders, over 500 million customers do.
