A vulnerability exists that existed for over 19 years in a well-established compression decompression software 'WinRAR'
It turned out that vulnerability existed for a long time in one " WinRAR " compression decompression software (archiver) which was used for a long time since the 1990s. To be exact, it is not the WinRAR itself, it is probably because it was present in WinRAR since the vulnerability of the library which was not updated since 2005, probably existed over 19 years ago.
Extracting a 19 Year Old Code Execution from WinRAR - Check Point Research
https://research.checkpoint.com/extracting-code-execution-from-winrar/
Behold ... a WinRAR security bug that's older than your child's favorite YouTuber. And yes, you should you patch this hole • The Register
https://www.theregister.co.uk/2019/02/20/winrar_security_bug/
The vulnerability was found in one of the libraries used by WinRAR, " unacev2.dll " used for expanding ACE format files.
According to Check Point Research of a security company, what exists in unacev2.dll is a pass traversal vulnerability, it is possible to create a file in an arbitrary folder when WinRAR opens a "malicious archive file" There is a possibility that code may be executed remotely.
Specific demonstration images are also released.
Extracting Code Execution from WinRAR - YouTube
User Account Control (UAC) is set to the strictest "Always notify" setting.
The "startup" folder is empty.
On the desktop are "malicious archive files". It exploits the vulnerability of "unacev2.dll", but the distributed "malicious archive file" is not necessarily in ACE format.
Extract this archive file using WinRAR.
Then, at the same time that the file appeared on the desktop, another file appeared in the startup folder. Since the files on the desktop are "just files" that are not viruses or malware, we do not notice anything at all.
In response to the contact from Check Point Research, RARLAB , the developer of WinRAR, deleted unacev2.dll with "WinRAR 5.70 beta 1" and ceased responding to the ACE format for security protection. Arabic, Bulgarian, Simplified Chinese, Dutch, English, Finnish, French, Hungarian, Indonesian, Portuguese, Brazilian Portuguese on January 28, 2019 Version · Romanian · Russian · Serbian Cyrillic · Swedish · Ukrainian version has been released.
Since the latest version of the Japanese version at the time of writing the article remains WinRAR 5.61, please be careful of those who are using suspicious archive files.
WinRAR Home | Completely compatible with WinRAR - RAR, ZIP. RAR · ZIP · CAB · GZUP · ACE etc. Compression / decompression in a wide range of formats is possible. Japanese version for Windows 7.
http://www.winrarjapan.com/
Related Posts: