Detecting a serious security error on WinRAR can affect 500 million users,This serious flaw could cause half a billion WinRAR users' computers to be hijacked, steal data or encrypt extortion data.

A serious vulnerability could affect half a billion users

This serious flaw could cause half a billion WinRAR users' computers to be hijacked, stolen data, or encrypted extortion data.

Winrar is one of the most popular software in the world with convenient, fast and easy usage. However, there are very few users who care about the origin of Winrar, how it works and whether it is safe.

Discovering a serious security error on WinRAR can affect 500 million users

Unfortunately, recently the security experts at Check Point personally announced their findings regarding a very dangerous vulnerability that has existed within WinRAR for over 19 years.

A serious vulnerability could affect half a billion users

Experts at Check Point published the information on February 20. They discovered that in the library WinRAR's code contained a vulnerability, allowing hackers to broadcast a malicious code and plug it into a user's computer, thereby performing malicious actions.

More specifically, the dangerous vulnerability is located in the .dll library file, when properly exploited it will allow hackers to take full control of the victim's device. This file is named "unacev2.dll", used by WinRAR when reading the compressed ACE file format. When hackers change the end of the compressed file (.ACE) to RAR, they can download the contents of the compressed file to the user's computer or install the malicious code into Windows Startup.

A security expert in commented on this vulnerability as follows

A security expert in commented on this vulnerability as follows:

"The bad guys can take advantage of a security error when Winrar reads the compressed file format (.ACE). Accordingly, the hacker only needs to change the .ACE file to contain malicious code (SFX) to .RAR then the malicious code will be released to the computer. Calculate the victim (such as writing to the StartUp folder), which leads to the victim's computer being hijacked, stealing data or encrypting the extortion data. "

WinRAR vulnerability quickly patched

The publication of a serious security error also means, it will be easier to exploit. However, the experts at Check Point quickly moved alert information with WinRAR, very quickly, WinRAR has released a new version to patch the dangerous vulnerability.

WinRAR vulnerability quickly patched

WinRAR website announces:

"Nadav Grossman from Check Point Software Technologies informed us of a security vulnerability coming from the UNACEV2.DLL library file. This vulnerability can create files in arbitrary, external or external directories. in the destination directory when extracting the ACE archive file ".

WinRAR immediately released a patch version of 5.70 beta 1, now you can download the link here to ensure your device's safety.

Post A Comment:

0 comments: