WinRAR flaw lets hackers run programs when you open RAR archives
(www.bleepingcomputer.com)
from tedu to cybersecurity@infosec.pub on 19 Aug 2023 05:30
https://azorius.net/g/cybersecurity@infosec.pub/p/81jLMjYFDxH3Qn53px-WinRAR-flaw-lets-hackers-run-programs-when-you-o
from tedu to cybersecurity@infosec.pub on 19 Aug 2023 05:30
https://azorius.net/g/cybersecurity@infosec.pub/p/81jLMjYFDxH3Qn53px-WinRAR-flaw-lets-hackers-run-programs-when-you-o
The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.
RARLAB released WinRAR version 6.23 on August 2nd, 2023, effectively addressing CVE-2023-40477.
threaded - newest
People still use WinRAR? Does it offer anything more than 7-zip?
For people compressing things a lot, winrar is much more productive than 7z. I can easily set up default profile in winrar (best compression quality + delete files after archiving) but can’t do this with 7z
tar with pigz for compressiom is a lifesaver for large archives.
Yes, many people in an office environment. Just habit like the Total Commander :|
Back in the time, it offered much better compression ratio than popular (Win)Zip. And it has SFX feature.