
A critical security flaw in the popular file compression tool WinRAR has been fixed in a recent patch. The vulnerability posed a significant risk because it could allow attackers to launch malicious programs directly from specially crafted archive files (.RAR).
The flaw is a path traversal issue: an attacker could craft the archive so that files are placed outside the intended extraction folder, specifically targeting directories such as the Windows Startup folders. The next time the system restarts or the user logs in, the planted files could execute automatically, compromising the user's computer with no further interaction after the initial archive extraction.
This type of vulnerability is particularly dangerous because it bypasses standard security checks that might apply to executables run in other ways. It essentially uses the legitimate process of extracting files to plant and launch malware.
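The containment check that defeats this class of bug can be shown in a few lines. The following Python is an added example, not code from the article or from WinRAR: it takes archive entry names as plain strings (an assumption; reading them out of a .RAR file is left to whatever tool lists the archive), resolves each against the extraction folder using Windows path rules, and flags any entry that would land outside it, with Startup folders called out separately. The function names and sample paths are constructed for illustration.

```python
import ntpath  # Windows path rules, usable on any OS

# Fragment shared by the per-user and all-users Startup folders (lower-cased).
STARTUP_MARKER = "\\start menu\\programs\\startup\\"

# Constructed sample entry names, as an archive listing might report them.
SAMPLE_ENTRIES = [
    "docs\\readme.txt",
    "docs/../notes.txt",
    "..\\out-backup\\tool.dll",
    "D:\\tools\\helper.exe",
    "..\\..\\AppData\\Roaming\\Microsoft\\Windows\\Start Menu"
    "\\Programs\\Startup\\updater.exe",
]


def resolve_entry(dest_dir, entry_name):
    """Return the normalized path an entry would be written to."""
    name = entry_name.replace("/", "\\")
    # ntpath.join drops dest_dir when name is rooted or carries a drive letter.
    return ntpath.normcase(ntpath.normpath(ntpath.join(dest_dir, name)))


def classify_entry(dest_dir, entry_name):
    """Return 'ok', 'escapes' or 'startup' for one entry name."""
    root = ntpath.normcase(ntpath.normpath(dest_dir)).rstrip("\\") + "\\"
    target = resolve_entry(dest_dir, entry_name)
    # Compare against root plus separator so "out-backup" is not taken for "out".
    if (target + "\\").startswith(root):
        return "ok"
    return "startup" if STARTUP_MARKER in target + "\\" else "escapes"


def audit_entries(dest_dir, entry_names):
    """Map each entry name to its classification."""
    return {name: classify_entry(dest_dir, name) for name in entry_names}


if __name__ == "__main__":
    dest = "C:\\Users\\alice\\Downloads\\out"
    for name, verdict in audit_entries(dest, SAMPLE_ENTRIES).items():
        print(f"{verdict:8} {name}")
```

Any entry reported as `escapes` or `startup` is a reason to reject the archive before extraction rather than to skip the single file.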
Users are strongly urged to update WinRAR to the latest version immediately. The company has released a patch that fixes this specific security hole and prevents attackers from exploiting it. Updating is the most critical step you can take to protect your system; ignoring the update leaves it vulnerable to attacks leveraging this now publicly known weakness. Make sure you are running the patched version whenever you handle archive files.
Source: https://www.bleepingcomputer.com/news/security/winrar-patches-bug-letting-malware-launch-from-extracted-archives/