A vulnerability has been discovered in the well-known WinRAR archiver, which is tracked under number CVE-2023-40477 — She was rated 7.8 out of 10 (high). Developers who were informed about the problem in advance have already fixed the bug in the program, and in WinRAR 6.23 the vulnerability has already been closed.
Project Zero Day Initiative lists the following theses about the vulnerability of older versions of WinRAR:
- The vulnerability allowed attackers to run arbitrary code.
- the mechanism of its work was associated with the processing of recovery volumes;
- the application incorrectly checked the user data;
- This causes malware to access outside of the allocated memory buffer.
- To exploit the vulnerability, the user had to be forced to launch a specially crafted malicious RAR archive themselves.
The issue was identified by a cybersecurity researcher under the nickname goodbyeselene. He reported his discovery to the WinRAR developers in early June. The corrected version of WinRAR 6.23, which does not contain the vulnerability, was released on August 2, and information about the problem was announced on August 17 – users had enough time to update the program.
Previously, File Explorer received support for the RAR format as part of the Windows 11 pre-release. It was implemented using the libarchive open library, which also supports LHA, PAX, TAR, TGZ and 7Z formats. The ability to unzip in the stable version of the system will be available in September, and creating archives will be available only next year. WinRAR developers do not seem deterred by this news: the specialized archiver offers a wider range of options than the built-in function in the file manager.