Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

WinRAR compression software has critical security risks

If you need reliability when it comes to SMTP servers, get the best, get Port 587.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

September 30, 2015

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

It was just discovered today that over 500 million users are at risk from a public zero day remote code execution exploit affecting all versions of the popular WinRAR compression software.

A proof-of-concept exploit has been published, however. Its creator says it works on all versions of WinRAR, making it very likely that it will be used by cyber criminals in various phishing attacks.

Overall, WinRAR has been a popular open source unzipping tool for Windows users for about 20 years already.

It is plugged heavily thanks to many reviews by software download sites like CNET and Softpedia.

Iranian researcher Mohammad Espargham reported the security flaw to the Full Disclosure security mailing list.

"This vulnerability allows unauthorized remote attackers to execute system specific code to compromise a target system," Espargham added.

The security issue is located in the text and icon function of the 'text to display in SFX' window module.

"Remote attackers are able to generate their own compressed archives with malicious payloads to execute system specific codes for compromise," he added.

Espargham puts the severity score at a high 9.2 since it requires low competency to exploit and requires that users only open the file.

Torrent files for games and applications would be a nice attack vector given attacks could be made stealthy.

The security vulnerability has not yet received a CVE number by which major bugs are tracked and scored, however.

Attackers can write HTML code to WinRAR's window that will run on a target machine when the archive is opened.

Malware Bytes researcher Pieter Arntz says the proof of concept needs subtle tweaking out of the tin for it to work properly.

"The proof-of-concept requires some trivial changes before I got it to work," Arntz says, but that might have been down to a simple Perl version conflict, however.

Source: Mohammad Espargham.

Get a powerful Linux Dual-Core dedicated server for less than $2.67 a day!

Share on Twitter.

Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact
Copyright © Internet    Terms of use    Privacy agreement    Legal disclaimer