Skip to main content
Customer Support Customer Support

Latest WinRAR Vulnerability has Yet to be Patched

  • September 29, 2015
  • 4 replies
  • 2 views
Jasper_The_Rasper
Moderator
Forum|alt.badge.img+54
September 29, 2015 | BY Pieter Arntz
 
                                              


 
Yesterday, a proof-of-concept (PoC) was published for a vulnerability in WinRAR SFX v5.21, which is the latest version of the popular software used to compress and decompress files.
 
At this moment, the vulnerability is yet to be patched, so WinRAR users are advised to be extra vigilant when handling uninvited compressed SFX files. Be advised to download the new version as soon as a patch has been made available.
 
This vulnerability, which as of now has not received a CVE ID yet, allows a remote attacker to create a compressed file and execute code on the victim’s computer when they are processing to open the infected compressed SFX archive.
 
Full Article
    Ssherjj
    D_J
    2 people like this
    • Ssherjj
      Ssherjj
    • D_J
      D_J

    4 replies

    Jasper_The_Rasper
    Moderator
    Forum|alt.badge.img+54

    Proof of concept could lead to nasty phish

     
                                                 


     
    30 Sep 2015 at 07:30, Darren Pauli
     
    Half a billion users are at risk from a public zero day remote code execution exploit affecting all versions of the popular WinRAR compression software.
     
    A proof-of-concept exploit has been published. Its creator reckons it works on all versions of WinRAR, making it very likely that it will be used by criminals in phishing attacks.
     
    WinRAR has been a popular shareware unzipping tool for Windows users over the last two decades.
     
    It is plugged heavily thanks to many reviews by software download sites like CNET and Softpedia.
     
    Full Article
    shorTcircuiT
    Ssherjj
    R
    3 people like this
    • shorTcircuiT
      shorTcircuiT
    • Ssherjj
      Ssherjj
    • R
      retiredAntus67
    shorTcircuiT
    Gold VIP
    • shorTcircuiT
    • Gold VIP
    • 7721 replies
    • September 30, 2015
    That is just not the best news of the day.............
    Jasper_The_Rasper
    Ssherjj
    2 people like this
    • Jasper_The_Rasper
      Jasper_The_Rasper
    • Ssherjj
      Ssherjj
    R
    Community Guide
    • retiredAntus67
    • Community Guide
    • 5988 replies
    • September 30, 2015
    WinRAR is one of the most popular compression software on the market today. Yet...........the company has not provided a patch for this exploit .............what is wrong with this picture???
    Jasper_The_Rasper
    Ssherjj
    2 people like this
    • Jasper_The_Rasper
      Jasper_The_Rasper
    • Ssherjj
      Ssherjj
    Ssherjj
    Moderator
    Forum|alt.badge.img+62
    • Ssherjj
    • Moderator
    • 21952 replies
    • September 30, 2015
    That's crazy WInrar is such a good program..I don't get it that they haven't patched this either! 😞
    Windows Insider, iMac 2021 27 in i5 Retina 5, iMac OS Sequoia (15.4.2), Security: iPads, W 1p0 & (VM:15), ALIENWARE 17R4, W10 Workstation, ALIENWARE 15 R6, W11, Webroot® SecureAnywhere™ Internet Security Complete (Android Samsung Galaxy Ultra Note 23, Webroot Beta Tester. Security
    Jasper_The_Rasper
    D_J
    2 people like this
    • Jasper_The_Rasper
      Jasper_The_Rasper
    • D_J
      D_J

    Reply


    Terms & Conditions