An Old WinRAR Vulnerability Left Users At Risk For Two Decades


Have you ever thought that an apparently harmless yet useful tool like WinRAR could pose security threats? It certainly seems so: as highlighted in a recent report, the vendor has patched a WinRAR vulnerability in the latest software version. What is more worrying is that the flaw existed for around two decades, threatening 500 million users.

ACE WinRAR Vulnerability Discovered

Researchers from Check Point Research have discovered a flaw in popular archive tool WinRAR. Exploiting this WinRAR vulnerability could let a remote attacker execute code on the target machine. The researchers have described the details of the flaw in their recent blog post.

As revealed, they found a logical vulnerability, an ‘Absolute Path Traversal’, in an old dynamic link library (DLL) file. The vulnerability had existed since the DLL was created back in 2006 without any security protections.

“We found a Path Traversal vulnerability in unacev2.dll. It enables our harness to extract the file to an arbitrary path, and completely ignore the destination folder, and treats the extracted file relative path as the full path.”

To exploit the flaw, an attacker simply had to rename an ACE file to .rar. WinRAR would then extract the malicious code from this .rar file and save it to the target computer’s Startup folder, which could result in code execution the next time the computer starts.

[Image in the original article: a demonstration of how the archive saves the malicious code outside the chosen extraction folder.]
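The bug class described above, an extractor that trusts the file name stored in the archive and lets it override the destination folder, is easy to see in a few lines of code. The following is an added example and is not code from the article, from Check Point or from WinRAR: it contrasts a naive path join, which discards the destination as soon as the stored name is absolute or rooted, with a hardened routine that rejects any entry name that is not a plain relative path confined to the destination. The destination folder, the entry names and the function names are constructed for illustration.

```python
"""Added example: the 'absolute path traversal' bug class behind the WinRAR/ACE
flaw, shown as a naive extractor path join beside a hardened one.

All paths below are constructed samples, not taken from a real ACE/RAR file.
PureWindowsPath is used so the Windows path rules apply on any host."""
from pathlib import PureWindowsPath
from typing import List, Optional

# Constructed sample: the folder the user asked WinRAR to extract into.
DEST_DIR = r"C:\Users\alice\Downloads\extracted"

# Constructed sample entry names as they might be stored in archive headers.
SAMPLE_ENTRIES: List[str] = [
    r"readme.txt",                 # normal relative name
    r"docs\notes.txt",             # relative name in a subfolder
    r"..\..\evil.exe",             # classic dot-dot traversal
    r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\evil.exe",  # absolute
    r"\Windows\Temp\evil.exe",     # rooted path without a drive letter
    r"\\server\share\evil.exe",    # UNC path
]


def naive_target_path(dest_dir: str, entry_name: str) -> str:
    """The flawed behaviour the article describes: join the destination with the
    stored name. A Windows path join treats an absolute or rooted second
    component as the anchor, so the destination folder is silently dropped."""
    return str(PureWindowsPath(dest_dir) / entry_name)


def safe_target_path(dest_dir: str, entry_name: str) -> Optional[str]:
    """Hardened version: refuse entry names with a drive letter, UNC prefix or
    leading separator, and resolve '..' by hand so the result can never climb
    above dest_dir. Returns None for any entry that must not be written."""
    entry = PureWindowsPath(entry_name)
    if entry.drive or entry.root or entry.is_absolute():
        return None  # not a plain relative path
    parts: List[str] = []
    for part in entry.parts:
        if part == "..":
            if not parts:
                return None  # would leave the destination folder
            parts.pop()
        elif part in ("", "."):
            continue
        else:
            parts.append(part)
    if not parts:
        return None  # name resolved to the destination folder itself
    return str(PureWindowsPath(dest_dir).joinpath(*parts))


if __name__ == "__main__":
    for name in SAMPLE_ENTRIES:
        print(f"entry:  {name}")
        print(f"  naive: {naive_target_path(DEST_DIR, name)}")
        print(f"  safe:  {safe_target_path(DEST_DIR, name)}")
```

Running the script shows the naive join writing the absolute and rooted samples straight to their stored locations, while the hardened routine writes only the two genuinely relative names under `DEST_DIR` and refuses the rest. The same check belongs in any extractor, whatever the archive format, because the stored name is attacker-controlled input.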

WinRAR Ended Support For ACE Format

After receiving the report of the flaw, RARLAB did not intend to fix it. Rather, they decided to end support for the vulnerable ACE format right away. As stated on their website,

“WinRAR used this third party library to unpack ACE archives. UNACEV2.DLL had not been updated since 2005 and we do not have access to its source code. So we decided to drop ACE archive format support to protect security of WinRAR users.”

Hence, with WinRAR version 5.7 beta 1, WinRAR ends support for ACE files.

Abeerah Hashim

Abeerah has been a passionate blogger for several years with a particular interest towards science and technology. She is crazy to know everything about the latest tech developments. Knowing and writing about cybersecurity, hacking, and spying has always enchanted her. When she is not writing, what else can be a better pastime than web surfing and staying updated about the tech world! Reach out to me at: [email protected]