Vulnerability in WinRAR puts users at risk of being attacked
This vulnerability, codenamed CVE-2023-40477, was discovered in June. Currently, the developer RARLAB has released a patch.
WinRAR is a file compression and decompression application popular with Windows computer users. This vulnerability appears in the processing of the "recovery volume", a step in the decompression process of this software. An attacker could trick a user into opening a specially crafted compressed file with the hacker's intent, then take advantage of a newly discovered vulnerability in WinRAR to execute arbitrary code on the victim's system.
According to experts, this is not a very serious vulnerability with a score of 7.8 because the exploitation depends on the user's actions.
However, according to Bleeping Computer, for hackers, tricking users into opening the file is not too much of a challenge. The number of WinRAR users is very large around the world, so the possibility of successful exploitation by hackers is also quite high.
Developer RARLAB has released patch 6.23 to fix this problem and also fix another critical error in file initialization that causes some special archives to have problems compressing. Users should update soon to ensure safety.
Microsoft is said to be testing a feature that allows users to compress files, supporting current popular compression formats such as RAR, 7-Zip and GZ built into Windows 11. If this feature officially added, WinRAR as well as third-party software will be used less often.
You should read it
- Warning of dangerous vulnerabilities on WinRAR, users should uninstall or upgrade to a new version
- Users who have not updated the WinRAR patch, despite being warned, continue to take advantage of the vulnerability to insert malicious code.
- Link Download WinRAR 6.00b1: A free compression and decompression tool
- Why does Winrar give you a free trial for a lifetime?
- WinRAR is really free version, please download and experience
- Instructions for notes with WinRAR
- WinRAR settings automatically delete the root directory after decompressing the data
- How to Use WinRAR
- Detecting serious security flaws that exist for more than 19 years on WinRAR, can affect 500 million users
- How to Download WinRAR
- How to create ISO file with WinRAR
- Instructions to collapse the WinRAR menu on the right-click menu
Maybe you are interested
This is the culprit that prevents users from updating Windows 11 24H2
How to switch users on the Linux command line
4 reasons why users are looking forward to the Samsung Galaxy S25 Ultra
5 things Pro users may have to give up to switch to iPhone 17 Air
8 Windows 11 features that make users decide to give up Windows 10
AMD Ryzen Users Should Install This BIOS Update for a Free Performance Boost