Batu69 Posted October 8, 2015 Share Posted October 8, 2015 Security firm Malwarebytes recently unveiled a vulnerability in WinRAR, the popular compression program which, according to the firm, has put millions of its users at risk.The program’s developers, RARLab, shrugged it off saying it’s not really a vulnerability. It turns out they were right, and Malwarebytes has apologized for its mistake. As it turns out this vulnerability is more an attack vector that only works with the user's cooperation, Malwarebytes wrote. "The vulnerability was fixed by Microsoft in November of 2014".RARLab’s response to the matter was that without this patch, every software utilizing MS Internet Explorer components including Internet Explorer itself can be vulnerable."The entire attack is based on vulnerabilities in Windows OLE MS14-064 patched in November 2014. System installed the patch are safe. System without patch must install it. Without this patch every software utilizing MS Internet Explorer components including Internet Explorer itself can be vulnerable to specially crafted HTML page allowing code execution. WinRAR SFX module displays HTML in start dialog, so it is affected too, but components of Internet Explorer are used in a huge number of different tools, not just in WinRAR SFX archives", it wrote.Malwarebytes apologized for its mistakes, saying that it takes too much user cooperation to be considered a vulnerability."I would like to apologize to WinRar as this is not a vulnerability in their software. It takes too much user cooperation and even then it does not run the resulting code in an elevated manner", adds Malwarebytes.Source Link to comment Share on other sites More sharing options...
212eta Posted October 10, 2015 Share Posted October 10, 2015 Malwarebytes ridiculed :jester: themselves... Link to comment Share on other sites More sharing options...
jamesDDI Posted October 10, 2015 Share Posted October 10, 2015 LOL :lol: Link to comment Share on other sites More sharing options...
oliverjia Posted October 10, 2015 Share Posted October 10, 2015 Well, at least they did apologize. People make mistakes, that's normal. As long as they acknowledge what's right and whats wrong, it's fine. Link to comment Share on other sites More sharing options...
SnakeMasteR Posted October 21, 2015 Share Posted October 21, 2015 There wasn't much of a choice, was there? Link to comment Share on other sites More sharing options...
hamedjoon Posted October 21, 2015 Share Posted October 21, 2015 Happy Extracting ^_^ :P Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.