WinRAR, the widely used file archiving tool for Windows, has patched a high-severity vulnerability that could let an attacker execute arbitrary code on a system when the user merely opens a specially crafted archive.
Tracked as CVE-2023-40477, the flaw is a remote code execution bug: if a victim opened a manipulated RAR archive, code chosen by the attacker could run with the privileges of the WinRAR process.
The vulnerability was reported by a researcher going by “goodbyeselene” through the Zero Day Initiative (ZDI), which notified RARLAB, the company behind WinRAR, on June 8th, 2023. ZDI’s security advisory explains, “This particular flaw arises during the treatment of recovery volumes. It stems from inadequate validation of data provided by users, possibly leading to memory access beyond a dedicated buffer.” In other words, an out-of-bounds memory access in the parser that handles RAR recovery volumes, triggered by attacker-controlled file contents.
Because exploitation requires user interaction (the victim has to be persuaded to open a malicious archive), the vulnerability carries a CVSS score of 7.8, rated High rather than Critical. That qualifier offers limited comfort in practice: getting a user to open an archive attached to an email or downloaded from a link is a routine social-engineering task, and WinRAR’s enormous install base makes the flaw an attractive target for real-world exploitation.
Addressing the Threat
On August 2nd, 2023, RARLAB released WinRAR version 6.23, which fixes CVE-2023-40477. WinRAR does not update itself, so users and administrators need to install this release (or a later one) themselves, and should do so without delay.
Beyond the fix to the RAR4 recovery volume processing code, the 6.23 release notes also address a separate issue in which WinRAR could start the wrong file after a user double-clicked an item in a specially crafted archive, another bug with clear security implications.
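Since WinRAR has no automatic update mechanism, the practical first step is to find out which version is actually installed. The following PowerShell snippet is an added example, not code from the original article or from RARLAB: it locates WinRAR through the standard Windows Uninstall registry keys (with a fallback to the default install directory), reads the version resource of WinRAR.exe, and compares it against 6.23. The registry value names used (DisplayName, DisplayIcon, UninstallString) are the generic Windows uninstaller conventions; that WinRAR populates them and that its ProductVersion is numeric are assumptions noted in the comments.

```powershell
# Added example (not from the article or RARLAB): check whether the installed
# WinRAR is at or above 6.23, the release that fixes CVE-2023-40477.
# Assumptions: WinRAR registers an entry under the standard Uninstall keys whose
# DisplayName starts with "WinRAR", and WinRAR.exe carries a numeric
# ProductVersion. Pass -ExePath explicitly for a portable or unusual install.

$FixedVersion = [version]'6.23'

function Get-WinRarVersion {
    param([string]$ExePath)

    if (-not $ExePath) {
        # Per-machine (64-bit and 32-bit views) and per-user Uninstall hives
        $uninstallKeys = @(
            'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
            'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
        )
        $entry = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
            Where-Object { $_.DisplayName -like 'WinRAR*' } |
            Select-Object -First 1

        if ($entry) {
            # Prefer the icon path (usually WinRAR.exe itself); otherwise derive the
            # install directory from the uninstaller path. Both are assumptions.
            if ($entry.DisplayIcon) {
                $ExePath = ($entry.DisplayIcon -split ',')[0].Trim('"')
            } elseif ($entry.UninstallString) {
                $dir = Split-Path ($entry.UninstallString.Trim('"')) -Parent
                $ExePath = Join-Path $dir 'WinRAR.exe'
            }
        }
        if (-not $ExePath) {
            # Fallback: default installer location
            $ExePath = Join-Path $env:ProgramFiles 'WinRAR\WinRAR.exe'
        }
    }

    if (-not (Test-Path -LiteralPath $ExePath)) { return $null }

    # Read the binary's version resource and keep only the numeric dotted prefix,
    # so a string such as "6.23.0" becomes a comparable [version] object.
    $product = (Get-Item -LiteralPath $ExePath).VersionInfo.ProductVersion
    $numeric = $product -replace '[^\d.].*$', ''
    if ([string]::IsNullOrWhiteSpace($numeric)) { return $null }
    return [version]$numeric
}

function Test-WinRarPatched {
    param([version]$Installed, [version]$Fixed = $FixedVersion)
    # $null means WinRAR was not found; treat that as "not patched" for reporting.
    return ($null -ne $Installed) -and ($Installed -ge $Fixed)
}

$installed = Get-WinRarVersion
if ($null -eq $installed) {
    Write-Output 'WinRAR not found in the registered or default locations.'
} elseif (Test-WinRarPatched -Installed $installed) {
    Write-Output "WinRAR $installed is at or above $FixedVersion (CVE-2023-40477 fix present)."
} else {
    Write-Output "WinRAR $installed is below $FixedVersion: update to 6.23 or later."
}
```

On a fleet, the same two functions can be run through `Invoke-Command` against a list of hosts and the results collected into a report; the version comparison is done on `[version]` objects rather than strings so that, for example, 6.23 is correctly recognised as newer than 6.9.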
It is also worth noting that Microsoft is adding native support for RAR, 7-Zip, tar and gz archives to Windows 11, so many users will no longer need a third-party archiver at all unless they rely on WinRAR’s more specialised features.
Those who continue to use WinRAR should keep it current at all times, particularly given that earlier WinRAR vulnerabilities have been exploited by cybercriminals to deliver malware.
Users should also be cautious about which RAR archives they open, treat recovery volumes (.rev files) from untrusted sources with the same suspicion as the archives themselves since that is the code path this bug lives in, and consider using antivirus software that can scan inside archives to strengthen their overall security posture.