A critical vulnerability in the well-known WinRAR software could allow hackers to remotely execute code on Windows systems.
WinRAR is a file compression and decompression software that is commonly used in computers running Windows operating systems. The first version was released in the fall of 1993. What made WinRAR famous was that it allowed users to use WinRAR. It’s free to use, although sometimes it shows a notice that the trial period has expired. However, revenue for this software is believed to come from large corporations and businesses, where the use of copyrighted software is the norm.
The security error that appeared on WinRAR was assigned the identifier CVE-2023-40477 and had a CVSS score of 7.8. This vulnerability is described as a case of improper authentication during recovery processing.
Commenting on the bug, the Zero Day Initiative (ZDI) team said the issue was caused by a lack of valid user-supplied data validation, which resulted in memory accesses past the end of the allocated buffer. An attacker could take advantage of this vulnerability to execute code.
Successful exploitation of the vulnerability requires user interaction, where the target must be tricked into visiting a malicious website or simply opening a phishing archive.
A security researcher named ‘pauseselene’ is noted to have discovered and reported the vulnerability on June 8, 2023. The issue has been resolved in WinRAR version 6.23 released on 2/8/2023.
The latest version also solves the problem that WinRAR opens a wrong file after a user double-clicks an item in the special archive. The group-IB researcher is credited with reporting the incident.
