Vulnerability in WinRAR allowed hackers to run arbitrary code when opening RAR archives

A vulnerability has been discovered in the well-known archiver WinRAR. It is tracked as CVE-2023-40477 and rated 7.8 out of 10 (high). The developers, who were notified of the problem in advance, have already fixed the bug: the vulnerability is closed in WinRAR 6.23.

Aug 21, 2023 - 17:00

The Zero Day Initiative makes the following points about the vulnerability in older versions of WinRAR:

  • the vulnerability allowed attackers to execute arbitrary code;
  • the flaw was in the processing of recovery volumes;
  • the application did not properly validate user-supplied data;
  • as a result, malicious code could access memory outside the allocated buffer;
  • to exploit the vulnerability, the user had to be induced to open a specially crafted malicious RAR archive.

The problem was discovered by a cybersecurity researcher who goes by the nickname goodbyeselene. He reported his discovery to the WinRAR developers in early June. The patched version, WinRAR 6.23, which does not contain the vulnerability, was released on August 2, and information about the problem was published on August 17, so users had enough time to update the program.
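Since the fix ships only in WinRAR 6.23, the practical check is whether a host still has an older build installed. The following PowerShell is an added example, not part of the original article; it assumes the installer registers WinRAR under the standard Windows uninstall registry keys with a `DisplayName` beginning with "WinRAR" and a numeric `DisplayVersion`.

```powershell
# Added example (not from the article): list registered WinRAR installs and
# flag those older than 6.23, the release the article names as fixed.
$FixedVersion = [version]'6.23'

# Standard Windows uninstall registry locations (64-bit, 32-bit, per-user).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Get-WinRarPatchStatus {
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'WinRAR*' } |   # assumed name prefix
        ForEach-Object {
            # DisplayVersion can be missing or non-numeric (for example a beta
            # label); -as returns $null instead of throwing in that case.
            $parsed = $_.DisplayVersion -as [version]
            if ($null -eq $parsed) {
                $status = 'Unknown version: check manually'
            } elseif ($parsed -lt $FixedVersion) {
                $status = 'Older than 6.23: update'
            } else {
                $status = '6.23 or later'
            }
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                Name     = $_.DisplayName
                Version  = $_.DisplayVersion
                Status   = $status
            }
        }
}

$results = @(Get-WinRarPatchStatus)
if ($results.Count -eq 0) {
    Write-Output 'No WinRAR installation registered on this host.'
} else {
    $results | Format-Table -AutoSize
}
```

Portable copies of WinRAR that were never installed do not appear in these keys, so a clean result here covers registered installs only.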

Earlier, the "Explorer" file manager in a preview version of Windows 11 received support for the RAR format. It was implemented using the open-source library libarchive, which also supports the LHA, PAX, TAR, TGZ and 7Z formats. The ability to unpack archives will appear in the stable version of the system in September, and archive creation will become available only next year. The WinRAR developers do not seem to be worried by this news: the specialized archiver offers a wider range of options than the function built into the file manager.
