WinRAR is vulnerable to malicious remote attacks


WinRAR is vulnerable to malicious remote attacks

The latest update to the WinRAR application has been found wanting on a security front. As the SFX archive is extracted inside the RAR file, WinRAR which is one of the most commonly used zipping and unzipping software, automatically executes a malicious code according to a report published by the Vulnerability Lab.

This leaves the user susceptible to remote attacks that can leverage the HTML instruction view in the installer and write any malicious code on the machine that runs the SFX file. This EXE file can then be run on the target machine without even the computer administrator being cognizant of it.

The loophole has been confirmed by MalwareBytes and the users of WinRAR SFX v5.21 are advised to keep themselves clear of using random compressed SFX files.

The report has been corroborated by WinRAR which has asserted that executable files, by design, are dangerous for any file system. They have advised their loyal customers to run such files only if they have been received from an authenticated source. They have further agreed that WinRAR Self-Extracting (SFX) executable files are no less dangerous than other executable files.

If no security patch is launched sooner rather than later, this flaw could be exploited by hackers worldwide. Also, it is quite complicated to comprehensively investigate the executable part for its authenticity.

The developers, WinRAR, apparently seem to be unfazed by the recent developments and have advised users to place putty.exe into RAR SFX archive and add following comments to the archive’s comments.

Click this link to get more information.

We will be happy to hear your thoughts

Leave a reply