Are you one of the roughly 500 million people using WinRAR? Best be careful with the archives you open. Security researcher Mohammed Reza Espargham has discovered a flaw in the way WinRAR version 5.21 handles self-extracting archives. The vulnerability makes way for attacks like remote code execution and data siphoning. You can check out a video of the exploit in action:
A bug in the way that WinRAR handles the "Text and Icon" functionality for self-executing archives lets attackers add malicious code to be executed when the user simply clicks to open it—without ever needing to begin extracting the files. The exploit code can access any data and perform any operations the current user can, which is especially dangerous if the user is an administrator. A victim could receive a legit-looking archive (or even an empty one) that silently sets up an exploit in the background or steals data when it's executed.
The bug scores 9.2, or "Critical," on the CVSS scale. However, WinRAR's developer Rarlab downplays the vulnerability. The developer says a self-executing archive is an executable in itself (something that requires careful handling to begin with). Rarlab says that a malicious attacker can achieve the same results by using other WinRAR self-extracting archive features, too.
|Nvidia's GeForce GTX 1060 graphics card reviewed||7|
|Xiaomi reveals Mi Mix phone with a 6.4" edgeless display||16|
|Zotac and Thermaltake join forces for a liquid-cooled GTX 1080||4|
|Zotac Magnus EN1080 may be the fastest mini-PC yet||14|
|Seagate 5TB BarraCuda and 2TB FireCuda drives are big and speedy||22|
|Nvidia licenses Rambus' DPA tech for side-channel data leak prevention||17|
|iOS 10.1 update includes portrait mode beta for iPhone 7 Plus||6|
|Lenovo ThinkCentre and ThinkPad machines pack AMD PRO APUs||28|
|Biostar belatedly announces GTX 1060 graphics cards||15|
|Signing your posts is daftly redundant. Meadows||+27|