WinRAR Releases Patch After Researchers Discover 19-Year-Old Security Flaw That Put 500M Users At Risk


WinRAR has rolled out a new patch after security firm Check Point Software Technologies discovered a 19-year-old flaw in the data compression tool.

The vulnerability allowed attackers to have a malicious program extracted onto a target's hard drive, the researchers explain.

WinRAR Security Flaw

In a blog post, Check Point Software Technologies explained the ins and outs of the uncovered flaw. After finding that WinRAR still supported the ACE format, the researchers concluded that the tool was using a dated dynamic link library (DLL) from 2006 that lacked a protection mechanism.

The company also uploaded a short clip to YouTube demonstrating how the issue works. It shows that an attacker could simply rename an ACE file with a RAR extension and potentially have WinRAR extract a malicious program to the computer's startup folder, so that the harmful file runs automatically the next time the computer boots up.
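As an added illustration (not code from the article, Check Point or WinRAR), the following Python sketches the two defender-side checks the story implies: identify an archive by its magic bytes rather than its file extension, so a renamed ACE file is noticed, and confine every extracted member name to the chosen destination directory, the kind of protection the old DLL lacked. The RAR and ACE signature positions are my assumption based on the formats' published headers, and the sample bytes are constructed.

```python
"""Defensive checks for the renamed-ACE scenario described above.

Assumptions (not stated on the page): the RAR signature b"Rar!\x1a\x07"
starts at offset 0, and the ACE main-header signature b"**ACE**" sits at
offset 7, after the CRC, size, type and flags fields.
"""
import os

RAR_MAGIC = b"Rar!\x1a\x07"     # shared prefix of the RAR4 and RAR5 signatures
ACE_MAGIC = b"**ACE**"
ACE_MAGIC_OFFSET = 7


def sniff_archive_format(data: bytes) -> str:
    """Classify an archive by content ('rar', 'ace' or 'unknown'), not by name."""
    if data.startswith(RAR_MAGIC):
        return "rar"
    if data[ACE_MAGIC_OFFSET:ACE_MAGIC_OFFSET + len(ACE_MAGIC)] == ACE_MAGIC:
        return "ace"
    return "unknown"


def extension_mismatch(filename: str, data: bytes) -> bool:
    """True when the name claims .rar but the bytes are something else."""
    ext = os.path.splitext(filename)[1].lower()
    return ext == ".rar" and sniff_archive_format(data) != "rar"


def safe_extract_path(dest_dir: str, member_name: str) -> str:
    """Map a member name to a path inside dest_dir, or raise ValueError.

    Rejects absolute paths, Windows drive letters and any '..' component,
    then confirms the resolved path still lies under dest_dir.
    """
    name = member_name.replace("\\", "/")   # Windows archives use backslashes
    if name.startswith("/") or (len(name) > 1 and name[1] == ":"):
        raise ValueError(f"absolute member name rejected: {member_name!r}")
    parts = [p for p in name.split("/") if p not in ("", ".")]
    if ".." in parts:
        raise ValueError(f"path traversal rejected: {member_name!r}")
    dest_root = os.path.realpath(dest_dir)
    target = os.path.realpath(os.path.join(dest_root, *parts))
    if os.path.commonpath([dest_root, target]) != dest_root:
        raise ValueError(f"member escapes destination: {member_name!r}")
    return target


def is_safe_member(dest_dir: str, member_name: str) -> bool:
    """Boolean wrapper for scanning an archive listing before extraction."""
    try:
        safe_extract_path(dest_dir, member_name)
        return True
    except ValueError:
        return False
```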

According to WinRAR, it has more than 500 million users. Put differently, 500 million users have been put at risk because of this security vulnerability.

WinRAR's Countermeasure

As reported by The Verge, WinRAR released version 5.70 beta 1 after the researchers informed it of the issue. The patch does not fix the flaw itself; it simply drops support for ACE. As the news outlet points out, this move makes sense because the only program that can create this archive format is WinACE, a tool that hasn't been updated since 2007.

In the patch notes, WinRAR explains that it had been unpacking ACE archives with a third-party library called UNACEV2.DLL, which hasn't received an update since 2005; because the library is third-party, WinRAR has no access to its source code and could not repair it directly.

Needless to say, WinRAR users are advised to download the latest version as soon as possible.

ⓒ 2018 All rights reserved. Do not reproduce without permission.