Take a free phone number to receive SMS Ukraine when you register and confirm your account on a suspicious site. This will keep your phone number safe.
Tests conducted by researchers at Check Point Software Technologies using the WinAFL fuzzer led to a security error in the unacev2.dll library used by WinRAR to decompress ACE archives.
The library is vulnerable to vulnerabilities (CVE-2018-20250), which allows attackers to create an ACE archive that extracts files to an arbitrary folder on the system.
Check Point researchers have shown that a security hole can be used to extract a harmless file to the destination folder selected by the user, as well as to extract the malicious file to the location specified by the attacker. An attacker can, for example, extract some of the malware into the Windows startup folder, and it will be launched the next time the operating system boots.
The cybersecurity firm reported its findings to WinRAR RARLab, who decided that the best way to protect users from potential attacks is to remove support for ACE archives. This solution has been implemented since the release of WinRAR 5.70 beta 1.
RARLab says that unacev2.dll has not been updated since 2005, and the company no longer has access to its source code.
The following CVEs were assigned to other WinRAR vulnerabilities discovered by Check Point during the fuzzing project: CVE-2018-20251, CVE-2018-20252, and CVE-2018-20253. The company has published technical details and a video showing the exploit in action.
The popularity of WinRAR may make it a tempting target for attackers. Although no WinRAR vulnerabilities have been discovered over the past three years, the lack of a backup tool was used in cyber espionage campaigns back in 2014.
Vulnerabilities in WinRAR are still valuable. Zerodium, an exploit acquisition firm, offers up to $ 80,000 for remote code execution errors, and last year it offered as much as $ 100,000.