19-Year Old Critical WinRAR Vulnerability Discovered

Winrar-Vulnerability

The Popular Windows data compression tool WinRAR has patched a serious 19-year-old security flaw that was discovered on its platform, potentially impacting 500 million users.

The security vulnerability allows attackers to extract malicious software to anywhere on your hard drive. It was discovered by researchers at Check Point Software Technologies and resides in the way an old third-party library, called UNACEV2.DLL, used by the software handled the extraction of files compressed in ACE data compression archive file format.

After the security researchers informed WinRAR of their findings, the team patched the vulnerability with version 5.70 beta 1 of the software. Rather than attempt to fix the issue, the team opted to drop support for ACE archives entirely, which was probably the sensible option considering the only program capable of creating the archives, WinACE, hasn't been updated for years.

It's unclear if any attacks have used this exploit in the 19 years it's existed, but with 500 million WinRAR users worldwide they had plenty of opportunities to do so.

Get A Report of All Vulnerable WinRAR Installations

If you currently have WinRAR deployed on your workstations, it's pretty critical that you update it at the earliest opportunity to ensure that you don't fall prey to this exploit.

Lansweeper can tell you in no time which devices have a vulnerable WinRAR version in place and need to be patched. Simply run our custom color-coded report and get cracking.

Receive the Latest Vulnerability Reports for FREE

Source: https://research.checkpoint.com/extracting-code-execution-from-winrar/

Try Lansweeper for Free

Learn why Lansweeper is used by thousands of enterprises worldwide.​