calvin-dim Posted February 20, 2019

**WinRAR versions released in the last 19 years impacted by severe security flaw!**

Catalin Cimpanu

Image: Check Point // Composition: ZDNet

WinRAR, one of the world's most popular Windows file compression applications, has patched last month a severe security flaw that can be abused to hijack users' systems just by tricking a WinRAR user into opening a malicious archive.

The vulnerability, discovered last year by security researchers from Check Point Software, impacts all WinRAR versions released in the last 19 years. On its website, the WinRAR team boasts of having a userbase of over 500 million users, all of whom are most likely impacted. The good news for all WinRAR users is that WinRAR devs released an update to fix the issue last month.

According to a Check Point technical write-up that takes a deep dive into WinRAR's inner workings, the vulnerability resides in the UNACEV2.DLL library included with all WinRAR versions. This library is responsible for unpacking archives in the ACE format. Check Point researchers discovered a way to build malicious ACE archives that when decompressed used coding flaws in this library to plant malicious files outside the intended decompression path destination.

For example, Check Point researchers were able to use this vulnerability to plant malware in a Windows PC's Startup folder, malware that would execute after the next reboot, infecting and taking over the PC. A proof-of-concept demo video recorded by the Check Point team is available below.

https://www.youtube.com/watch?v=R2qcBWJzHMo

WinRAR devs released WinRAR 5.70 Beta 1 on January 28 to address this vulnerability, tracked under the CVE-2018-20250, CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253 identifiers. Because devs lost access to the UNACEV2.DLL library source code around 2005, they opted to drop support for ACE archive formats altogether.

In the coming months and years, because of WinRAR's extremely large userbase, users should be aware that malware operators will most likely attempt to exploit this vulnerability. Home users should take care not to open any ACE archives they receive via email unless they've updated WinRAR first. System administrators at large corps should also warn employees about opening these files without having updated WinRAR first, as well.

Exploit vendors have already shown interest in buying vulnerabilities in file compression utilities last year, offering to pay as much as $100,000 for a remote code execution flaw in WinRAR, 7-Zip, WinZip (on Windows) or tar (on Linux). The reason is that these types of apps are almost always installed on corporate or home computers, and are an ideal attack surface for hackers or government entities.

--Source
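
An added example, not part of the original post or of WinRAR's or Check Point's code: the containment check an extractor needs so that no archive entry lands outside the chosen destination folder, which is the failure the article describes. The function names, destination path and entry names are constructed for illustration.

```python
import ntpath  # Windows path rules; works on any OS


def escapes_destination(dest_dir, entry_name):
    """Return True if extracting entry_name under dest_dir would write outside it."""
    name = entry_name.replace("/", "\\")
    drive, _ = ntpath.splitdrive(name)
    # Absolute, drive-relative ("C:x") and UNC names never belong in an archive.
    if drive or name.startswith("\\"):
        return True
    dest = ntpath.normpath(dest_dir)
    # Resolve ".." segments, then require the result to stay under dest.
    target = ntpath.normpath(ntpath.join(dest, name))
    # Trailing separator stops "out2" from passing as a child of "out".
    prefix = dest.rstrip("\\") + "\\"
    # NTFS is case-insensitive by default, so compare case-folded.
    return not target.lower().startswith(prefix.lower())


def audit_entries(dest_dir, entry_names):
    """Return the entry names that must be rejected before extraction."""
    return [n for n in entry_names if escapes_destination(dest_dir, n)]


# Constructed sample data (assumption): a destination and a mixed entry list.
DEST = r"C:\Users\alice\Downloads\out"
SAMPLE_ENTRIES = [
    r"docs\readme.txt",       # stays inside
    r"sub\..\ok.txt",         # ".." that still resolves inside
    r"..\..\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\x.exe",
    r"C:\Windows\Temp\x.exe",  # absolute path with drive letter
    r"\\server\share\x.exe",   # UNC path
    r"..\out2\x.txt",         # sibling folder sharing the name prefix
    "docs/../../x.txt",        # forward slashes, climbs one level too far
]

if __name__ == "__main__":
    for rejected in audit_entries(DEST, SAMPLE_ENTRIES):
        print("reject:", rejected)
```
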

halvgris Posted February 21, 2019

anyone using ace 2019 has a far worse problem.

straycat19 Posted February 21, 2019

2 hours ago, halvgris said:
> anyone using ace 2019 has a far worse problem.

The last version of WinAce was 2.6.9 and was released in 2014. The winace.com site isn't even up any more. The only newer release is a BSD Licensed version (2017) that will unpack Ace V2 files. FWIW, I can't remember the last time I saw an ACE compressed file, probably around 20 years ago.

debebee Posted February 21, 2019

same here... ace archives are rare as arj... have not seen one in 3 decades 😄

x3r0 Posted February 21, 2019

And... I also remember when scene repack groups occasionally used UHARC along with ACE... Damn the old days...

tivstip Posted February 21, 2019

time to update then

M.Poorya Posted February 22, 2019

Other article and the video inside as well: WinRAR has a critical security bug: here is the fix - gHacks Tech News

keyman Posted February 22, 2019

I'm safe, updated a month ago. But I was terribly sad when WinACE shut down, it was quite a good format, with strong compression and a lot of options. And the app itself was my favourite packer/unpacker - very powerful, great interface, quite versatile.

jvidal Posted March 5, 2019

well, this wasn't that big a risk, since we had never heard of it before and it seems that no one was ever affected by this...

This topic is now archived and is closed to further replies.