WinRAR Patches Significant Vulnerability Affecting Millions

Reading Time: ( Word Count: )

August 19, 2023

The widely-used file archiving software for Windows, WinRAR, has addressed a critical vulnerability that had the potential to let attackers run commands on a system just by the user opening an archive.

Designated as CVE-2023-40477, this vulnerability might have allowed hackers to remotely execute arbitrary code on the affected computer if a manipulated RAR file was accessed.

The discovery of this vulnerability is attributed to “goodbyeselene” from the Zero Day Initiative. They made RARLAB, the company behind WinRAR, aware of this flaw on June 8th, 2023. A security advisory posted on ZDI’s website explains, “This particular flaw arises during the treatment of recovery volumes. It stems from inadequate validation of data provided by users, possibly leading to memory access beyond a dedicated buffer.”

Considering victims need to be tricked into opening a compromised archive, the risk associated with this vulnerability gets a 7.8 score on the CVSS scale. However, duping users into the necessary actions isn’t necessarily complex, and the sheer size of WinRAR’s audience means there’s a significant risk of this vulnerability being exploited.

Also read: AI’s Ability to Decode Passwords Through Keystroke Sounds Raises Concerns

Addressing the Threat On August 2nd, 2023, RARLAB unveiled WinRAR version 6.23, which rectifies CVE-2023-40477. Thus, it’s imperative for users of WinRAR to install this security patch without delay.

In addition to the RAR4 recovery volumes processing code solution, the 6.23 update also handles issues related to the incorrect initiation of particular archives, another matter of great concern.

A noteworthy point is Microsoft’s move to incorporate native support for RAR, 7-Zip, and GZ files within Windows 11. This means users may not need third-party tools like WinRAR unless they seek its specialized functions.

For those who opt to stick with WinRAR, it’s crucial to ensure it’s consistently updated, especially in light of previous vulnerabilities that were leveraged by cybercriminals to distribute malware.

Further, users should be prudent about which RAR files they access and consider employing antivirus software capable of inspecting archives to boost their security posture.

Saher Mahmood

Saher Mahmood


Saher is a cybersecurity researcher with a passion for innovative technology and AI. She explores the intersection of AI and cybersecurity to stay ahead of evolving threats.

Other interesting articles

Automated vs Manual Penetration Testing

Automated vs Manual Penetration Testing

Pentesting is largely divided into two methodologies: Automated vs Manual Penetration Testing. Both have ...
8 Steps in Penetration Testing You Should Know

8 Steps in Penetration Testing You Should Know

Mastering the art of penetration testing has become a critical ability for security experts to combat cyber ...
Spear Phishing vs Whaling: What is the Difference

Spear Phishing vs Whaling: What is the Difference

Spear phishing is a particularly devious type of phishing assault in which the individual targeted plays a ...
How Often Should Penetration Testing Be Done

How Often Should Penetration Testing Be Done

Penetration testing is a crucial technique that involves simulating a cyberattack on networks, computer systems, ...

Submit a Comment

Your email address will not be published. Required fields are marked *