WinRAR security issue


Ghot

Ghot

Well-known member
Guru
VIP
Local time
4:32 PM
Posts
15,556
Location
PA, USA
OS
Win 11 Home ♦♦♦26100.3775 ♦♦♦♦♦♦♦24H2 ♦♦♦non-Insider
www.ghacks.net

WinRAR security issue more wide-reaching than thought [Update] - gHacks Tech News

A recently disclosed security issue in the archiving software WinRAR is affecting other software programs as well.
www.ghacks.net www.ghacks.net

A recently disclosed security issue in the archiving software WinRAR is affecting other software programs as well.


The developers of WinRAR released version 6.23 of the popular archiving software earlier this month. The release included a security fix that addressed a major out of bounds issue. Malicious actors can exploit the vulnerability to execute code on devices that run earlier versions of WinRAR.


Users who open specially crafted WinRAR archives on their devices may fall pray to the attack. The downloading of such a specially crafted archive and the opening of it on the user's system is sufficient to allow attackers to execute arbitrary code on the device.


The issue, which is identified as CVE-2023-40477, is a high-severity vulnerability found in the processing of recovery volumes. The update to WinRAR 6.23 addresses the vulnerability and WinRAR users should install the update as soon as possible to protect their devices against potential exploits of the vulnerability.
Click to expand...


More...

arstechnica.com

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

Vulnerability allows hackers to execute malicious code when targets open malicious ZIP files.
arstechnica.com arstechnica.com

A newly discovered zero-day in the widely used WinRAR file-compression program has been exploited for four months by unknown attackers who are using it to install malware when targets open booby-trapped JPGs and other innocuous inside file archives.


The vulnerability, residing in the way WinRAR processes the ZIP file format, has been under active exploit since April in securities trading forums, researchers from security firm Group IB reported Wednesday. The attackers have been using the vulnerability to remotely execute code that installs malware from families, including DarkMe, GuLoader, and Remcos RAT.


From there, the criminals withdraw money from broker accounts. The total amount of financial losses and total number of victims infected is unknown, although Group-IB said it has tracked at least 130 individuals known to have been compromised. WinRAR developers fixed the vulnerability, tracked as CVE-2023-38831, earlier this month.
Click to expand...
 

My Computers

System One System Two

  • OS
    Win 11 Home ♦♦♦26100.3775 ♦♦♦♦♦♦♦24H2 ♦♦♦non-Insider
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® [May 2020]
    CPU
    AMD Ryzen 7 3700X
    Motherboard
    Asus Pro WS X570-ACE (BIOS 5002)
    Memory
    G.Skill (F4-3200C14D-16GTZKW)
    Graphics Card(s)
    EVGA RTX 2070 (08G-P4-2171-KR)
    Sound Card
    Realtek ALC1220P / ALC S1220A
    Monitor(s) Displays
    Dell U3011 30"
    Screen Resolution
    2560 x 1600
    Hard Drives
    2x Samsung 860 EVO 500GB,
    WD 4TB Black FZBX - SATA III,
    WD 8TB Black FZBX - SATA III,
    DRW-24B1ST CD/DVD Burner
    PSU
    PC Power & Cooling 750W Quad EPS12V
    Case
    Cooler Master ATCS 840 Tower
    Cooling
    CM Hyper 212 EVO (push/pull)
    Keyboard
    Ducky DK9008 Shine II Blue LED
    Mouse
    Logitech Optical M-100
    Internet Speed
    300/300
    Browser
    Firefox (latest)
    Antivirus
    Bitdefender Internet Security
    Other Info
    Speakers: Klipsch Pro Media 2.1
  • Operating System
    Windows XP Pro 32bit w/SP3
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® (not in use)
    CPU
    AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
    Motherboard
    ASUS M2N32-SLI Deluxe Wireless Edition
    Memory
    TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
    Graphics card(s)
    EVGA 256-P2-N758-TR GeForce 8600GT SSC
    Sound Card
    Onboard
    Monitor(s) Displays
    ViewSonic G90FB Black 19" Professional (CRT)
    Screen Resolution
    up to 2048 x 1536
    Hard Drives
    WD 36GB 10,000rpm Raptor SATA
    Seagate 80GB 7200rpm SATA
    Lite-On LTR-52246S CD/RW
    Lite-On LH-18A1P CD/DVD Burner
    PSU
    PC Power & Cooling Silencer 750 Quad EPS12V
    Case
    Generic Beige case, 80mm fans
    Cooling
    ZALMAN 9500A 92mm CPU Cooler
    Mouse
    Logitech Optical M-BT96a
    Keyboard
    Logitech Classic Keybooard 200
    Internet Speed
    300/300
    Browser
    Firefox 3.x ??
    Antivirus
    Symantec (Norton)
    Other Info
    Still assembled, still runs. Haven't turned it on for 15 years?
Thank you. Just downloaded the new version.
 

My Computers

System One System Two

  • OS
    windows 11 22631.5039
    Computer type
    Laptop
    Manufacturer/Model
    MSI Raider GE76
    CPU
    Core i9 12th gen 12900HK 2.9 MHz (overcloked: 3890.48)
    Motherboard
    MSI
    Memory
    32 Gigs DDR5-4800
    Graphics Card(s)
    nVidia RTX 3070 Ti / 8 Gigs DDR6
    Sound Card
    DYNAUDIO - Steelsries Arena 7- Sound Effects by Nahimic 3
    Monitor(s) Displays
    17.3" 1920 x 1080 360 Hz 3 ms, IPS / Connected to MSI 32 inch curved @ 165 Hz
    Screen Resolution
    1920 x 1080 / Both
    Hard Drives
    Samsung 990 Pro 2TB (OS) - Solidigm P41 2TB (Storage)
    PSU
    280 watts
    Case
    MSI GE series
    Cooling
    internal
    Keyboard
    Steelseries
    Mouse
    G903 Lightspeed
    Internet Speed
    1000 Mbps
    Browser
    Firefox / Opera GX- Do not like Edge
    Antivirus
    Malwarebytes'
    Other Info
    just ask.
  • Operating System
    Windows 10 22H2
    Computer type
    Laptop
    Manufacturer/Model
    MSI GT73 7RE VR Titan
    CPU
    Intel Core i7 7820HK 2.9 Ghz
    Motherboard
    MSI
    Memory
    16 Gigs DDR4 2400 Mhz
    Graphics card(s)
    nVidia 1070 8GB RAM
    Sound Card
    DYNAUDIO / Nahimic 2
    Monitor(s) Displays
    IPS / 120HZ
    Screen Resolution
    1920x1080P
    Hard Drives
    Samsung NVME EVO 970 1TB / Samsung SSD (SATA) 1TB
    PSU
    240 watts
    Case
    MSI
    Cooling
    Internal
    Mouse
    Logitech G903 Lightspeed
    Keyboard
    Steelseries
    Internet Speed
    1 Gb/s
    Browser
    Firefox / Vivaldi
    Antivirus
    MalwareBytes'
    Other Info
    none.
Flashorn said:
Thank you. Just downloaded the new version.
Click to expand...


I saw the article, and I know there's a few folks that use WinRAR. So I linked the site. :-)
 

My Computers

System One System Two

  • OS
    Win 11 Home ♦♦♦26100.3775 ♦♦♦♦♦♦♦24H2 ♦♦♦non-Insider
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® [May 2020]
    CPU
    AMD Ryzen 7 3700X
    Motherboard
    Asus Pro WS X570-ACE (BIOS 5002)
    Memory
    G.Skill (F4-3200C14D-16GTZKW)
    Graphics Card(s)
    EVGA RTX 2070 (08G-P4-2171-KR)
    Sound Card
    Realtek ALC1220P / ALC S1220A
    Monitor(s) Displays
    Dell U3011 30"
    Screen Resolution
    2560 x 1600
    Hard Drives
    2x Samsung 860 EVO 500GB,
    WD 4TB Black FZBX - SATA III,
    WD 8TB Black FZBX - SATA III,
    DRW-24B1ST CD/DVD Burner
    PSU
    PC Power & Cooling 750W Quad EPS12V
    Case
    Cooler Master ATCS 840 Tower
    Cooling
    CM Hyper 212 EVO (push/pull)
    Keyboard
    Ducky DK9008 Shine II Blue LED
    Mouse
    Logitech Optical M-100
    Internet Speed
    300/300
    Browser
    Firefox (latest)
    Antivirus
    Bitdefender Internet Security
    Other Info
    Speakers: Klipsch Pro Media 2.1
  • Operating System
    Windows XP Pro 32bit w/SP3
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® (not in use)
    CPU
    AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
    Motherboard
    ASUS M2N32-SLI Deluxe Wireless Edition
    Memory
    TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
    Graphics card(s)
    EVGA 256-P2-N758-TR GeForce 8600GT SSC
    Sound Card
    Onboard
    Monitor(s) Displays
    ViewSonic G90FB Black 19" Professional (CRT)
    Screen Resolution
    up to 2048 x 1536
    Hard Drives
    WD 36GB 10,000rpm Raptor SATA
    Seagate 80GB 7200rpm SATA
    Lite-On LTR-52246S CD/RW
    Lite-On LH-18A1P CD/DVD Burner
    PSU
    PC Power & Cooling Silencer 750 Quad EPS12V
    Case
    Generic Beige case, 80mm fans
    Cooling
    ZALMAN 9500A 92mm CPU Cooler
    Mouse
    Logitech Optical M-BT96a
    Keyboard
    Logitech Classic Keybooard 200
    Internet Speed
    300/300
    Browser
    Firefox 3.x ??
    Antivirus
    Symantec (Norton)
    Other Info
    Still assembled, still runs. Haven't turned it on for 15 years?
As a by-the-by I use Nana-zip now as it's a more secure fork of 7-Zip.
 

My Computers

System One System Two

  • OS
    Win 11 Home & Pro
    Computer type
    Laptop
    Manufacturer/Model
    ASUS Vivobook
    CPU
    AMD Ryzen™ 7 7730U
    Motherboard
    M1605YA
    Memory
    15.0GB Dual-Channel DDR4 @ 1596MHz (22-22-22-52)
    Graphics Card(s)
    512MB ATI AMD Radeon Graphics (ASUStek Computer Inc)
    Monitor(s) Displays
    Generic PnP Monitor (1920x1200@60Hz) - P1 PLUS (1920x1080@59Hz)
    Screen Resolution
    1920 X 1200
    Hard Drives
    953GB Western Digital WD
    PSU
    45 Watts
    Mouse
    Lenovo Bluetooth.
    Internet Speed
    500 Mbps
    Browser
    Edge
    Antivirus
    Defender
  • Operating System
    Windows 11
    Computer type
    Laptop
    Manufacturer/Model
    ACER NITRO
    CPU
    AMD Ryzen 7 5800H / 3.2 GHz
    Motherboard
    CZ Scala_CAS (FP6)
    Memory
    32 GB DDR4 SDRAM 3200 MHz
    Graphics card(s)
    NVIDIA GeForce RTX 3060 6 GB GDDR6 SDRAM
    Sound Card
    Realtek Audio. NVIDIA High Definition Audio
    Monitor(s) Displays
    15.6" LED backlight 1920 x 1080 (Full HD) 144 Hz
    Screen Resolution
    1920 x 1080 (Full HD)
    Hard Drives
    Samsung 970 Evo Plus 2TB NVMe M.2
    PSU
    180 Watt, 19.5 V
    Mouse
    Lenovo Bluetooth
    Internet Speed
    500 Mbps
    Browser
    Edge
    Antivirus
    Defender
Yeah, Nana is pretty good overall. I keep it handy just in case, but OneCommander (my file manager) and WinRar are my go to apps.
 

My Computers

System One System Two

  • OS
    Windows 11 23H2 Current build
    Computer type
    PC/Desktop
    Manufacturer/Model
    HomeBrew
    CPU
    AMD Ryzen 9 3950X
    Motherboard
    MSI MEG X570 GODLIKE
    Memory
    4 * 32 GB - Corsair Vengeance 3600 MHz
    Graphics Card(s)
    EVGA GeForce RTX 3080 Ti XC3 ULTRA GAMING (12G-P5-3955-KR)
    Sound Card
    Realtek® ALC1220 Codec
    Monitor(s) Displays
    2x Eve Spectrum ES07D03 4K Gaming Monitor (Matte) | Eve Spectrum ES07DC9 4K Gaming Monitor (Glossy)
    Screen Resolution
    3x 3840 x 2160
    Hard Drives
    3x Samsung 980 Pro NVMe PCIe 4 M.2 2 TB SSD (MZ-V8P2T0B/AM) } 3x Sabrent Rocket NVMe 4.0 1 TB SSD (USB)
    PSU
    PC Power & Cooling’s Silencer Series 1050 Watt, 80 Plus Platinum
    Case
    Fractal Design Define 7 XL Dark ATX Full Tower Case
    Cooling
    Arctic Liquid Freezer III 420 RGB + Air 3x 140mm case fans (pull front) + 1x 120 mm (push back) and 1 x 120 mm (pull bottom)
    Keyboard
    SteelSeries Apex Pro Wired Gaming Keyboard
    Mouse
    Logitech MX Master 3S | MX Master 3 for Business
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
    Browser
    Nightly (default) + Firefox (stable), Chrome, Edge , Arc
    Antivirus
    Defender + MB 5 Beta
  • Operating System
    ChromeOS Flex Dev Channel (current)
    Computer type
    Laptop
    Manufacturer/Model
    Dell Latitude E5470
    CPU
    Intel(R) Core(TM) i5-6300U CPU @ 2.40GHz, 2501 Mhz, 2 Core(s), 4 Logical Processor(s)
    Motherboard
    Dell
    Memory
    16 GB
    Graphics card(s)
    Intel(R) HD Graphics 520
    Sound Card
    Intel(R) HD Graphics 520 + RealTek Audio
    Monitor(s) Displays
    Dell laptop display 15"
    Screen Resolution
    1920 * 1080
    Hard Drives
    Toshiba 128GB M.2 22300 drive
    INTEL Cherryville 520 Series SSDSC2CW180A 180 GB SATA III SSD
    PSU
    Dell
    Case
    Dell
    Cooling
    Dell
    Mouse
    Logitech MX Master 3S (shared w. Sys 1) | Dell TouchPad
    Keyboard
    Dell
    Internet Speed
    AT&T LightSpeed Gigabit Duplex Ftth
WinRAR.png
 

My Computers

System One System Two

  • OS
    Win 11 Home ♦♦♦26100.3775 ♦♦♦♦♦♦♦24H2 ♦♦♦non-Insider
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® [May 2020]
    CPU
    AMD Ryzen 7 3700X
    Motherboard
    Asus Pro WS X570-ACE (BIOS 5002)
    Memory
    G.Skill (F4-3200C14D-16GTZKW)
    Graphics Card(s)
    EVGA RTX 2070 (08G-P4-2171-KR)
    Sound Card
    Realtek ALC1220P / ALC S1220A
    Monitor(s) Displays
    Dell U3011 30"
    Screen Resolution
    2560 x 1600
    Hard Drives
    2x Samsung 860 EVO 500GB,
    WD 4TB Black FZBX - SATA III,
    WD 8TB Black FZBX - SATA III,
    DRW-24B1ST CD/DVD Burner
    PSU
    PC Power & Cooling 750W Quad EPS12V
    Case
    Cooler Master ATCS 840 Tower
    Cooling
    CM Hyper 212 EVO (push/pull)
    Keyboard
    Ducky DK9008 Shine II Blue LED
    Mouse
    Logitech Optical M-100
    Internet Speed
    300/300
    Browser
    Firefox (latest)
    Antivirus
    Bitdefender Internet Security
    Other Info
    Speakers: Klipsch Pro Media 2.1
  • Operating System
    Windows XP Pro 32bit w/SP3
    Computer type
    PC/Desktop
    Manufacturer/Model
    Built by Ghot® (not in use)
    CPU
    AMD Athlon 64 X2 5000+ (OC'd @ 3.2Ghz)
    Motherboard
    ASUS M2N32-SLI Deluxe Wireless Edition
    Memory
    TWIN2X2048-6400C4DHX (2 x 1GB, DDR2 800)
    Graphics card(s)
    EVGA 256-P2-N758-TR GeForce 8600GT SSC
    Sound Card
    Onboard
    Monitor(s) Displays
    ViewSonic G90FB Black 19" Professional (CRT)
    Screen Resolution
    up to 2048 x 1536
    Hard Drives
    WD 36GB 10,000rpm Raptor SATA
    Seagate 80GB 7200rpm SATA
    Lite-On LTR-52246S CD/RW
    Lite-On LH-18A1P CD/DVD Burner
    PSU
    PC Power & Cooling Silencer 750 Quad EPS12V
    Case
    Generic Beige case, 80mm fans
    Cooling
    ZALMAN 9500A 92mm CPU Cooler
    Mouse
    Logitech Optical M-BT96a
    Keyboard
    Logitech Classic Keybooard 200
    Internet Speed
    300/300
    Browser
    Firefox 3.x ??
    Antivirus
    Symantec (Norton)
    Other Info
    Still assembled, still runs. Haven't turned it on for 15 years?
You must log in or register to reply here.

Similar threads

Solved Windows Security issue after 24H2 update
Replies
19
Views
2K
antspants
antspants
Microsoft April 2025 Security Updates
Replies
0
Views
3K
NICK ADSL UK
N
Microsoft March 2025 Security Updates
Replies
0
Views
2K
NICK ADSL UK
N
Microsoft February 2025 Security Updates
Replies
0
Views
2K
NICK ADSL UK
N
Microsoft January 2025 Security Updates
Replies
0
Views
4K
NICK ADSL UK
N

Latest Support Threads

Latest Tutorials

Back
Top Bottom