Thread: WinRAR exploit

  1. #1
    Junior Member

    WinRAR exploit

    I saw in the news today that there's a WinRAR exploit. goes into a whole lot of detail. (Too much to follow, really, but most news outlets go the other direction and just say there's some vulnerability being used to target brokers' accounts without giving any idea of what is happening.) My understanding is that it's WinRAR itself, not the .rar format, and that it can be triggered by opening a maliciously-crafted .zip or .rar file. There's a CVE number assigned, but it presently just shows up as "Reserved" with no details.

    Seems like this was specifically targeted at some financial trading groups, but be extra careful with what you download either way. (Sincerely, someone who has recently downloaded, and shared, some .zip and .rar files. Yikes!)

  • #2
    Premium Member
    wotnot


    Been around since April, I don't care (Linux user)... looks like the term 0day has lost its knife-edge =)

  • #3
    Junior Member
    Join Date
    Nov 2015
    Posts
    50
    Thanks
    65
    Thanked 20 Times in 10 Posts
    Rep Power
    114
    Reputation
    410

    Default

    The zero-day aspect is definitely confounding journalists. My impression is that it was a zero-day in April and was exploited undetected for some time, but was then noticed in June/July and fixed in August. But certainly not one now.

    Mac/Linux (laptop/server) guy here, so same situation as you, except for when I've got to deal with radio programming stuff which is still Windows-based. (Although I don't use WinRAR.)

  • #4
    LSemmens

    WinRAR, wot's that? Another Linux user here. Fortunately, it is unlikely to ever be an issue in this household as I rarely download compressed files and NEVER use WinRAR.
    I'm out of my mind, but feel free to leave a message...

  • #5
    Premium Member
    wotnot

    Actually, I have WinRAR installed in my default $wineprefix, and all the desktop file associations point to that, so if I double-click on a *.rar file, WinRAR pops up... and if I don't want that I can use the downloads context to unpack it with Xarchiver... and if I'm really feeling lazy, hit the shell up with an unrar -x ...

    What's interesting here (or will be), finding out what's responsible for the delayed exposure... it's not typically consistent with the disclosure chronology normally seen with 0day 'ploits... gotta gut feeling there's more to this than is immediately obvious, at the now...
