In recent weeks, Google’s Threat Analysis Group (TAG) has observed multiple government-backed hacking groups exploiting the known vulnerability, CVE-2023-38831, in WinRAR, which is a popular file archiver tool for Windows. Cybercrime groups began exploiting the vulnerability in early 2023, when the bug was still unknown to defenders. TAG has observed government-backed actors from a number of countries exploiting the WinRAR vulnerability as part of their operations.

“A patch is now available, but many users still seem to be vulnerable,” says TAG in a blog post detailing the WinRAR exploit.

In August 2023, RARLabs released an updated version of WinRAR that included fixes for several security-related bugs. One of those bugs, later assigned CVE-2023-38831, is a logical vulnerability within WinRAR causing extraneous temporary file expansion when processing crafted archives, combined with a quirk in the implementation of Windows’ ShellExecute when attempting to open a file with an extension containing spaces. The vulnerability allows attackers to execute arbitrary code when a user attempts to view a benign file (such as an ordinary PNG file) within a ZIP archive.
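A defender-side triage check for the archive trait described above, as an added example that is not code from TAG's post or from WinRAR: it lists ZIP entry names whose extension is padded with whitespace, reading names only and extracting nothing. The function names, the 8-character extension limit and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

MAX_EXT_LEN = 8  # assumption: real extensions are short alphanumeric tokens


def padded_extension(component):
    """Return the extension if it has leading/trailing whitespace, else None."""
    stem, dot, ext = component.rpartition(".")
    if not dot or not stem:
        return None  # no extension, or a dotfile such as ".gitignore"
    core = ext.strip()
    if ext != core and core.isalnum() and len(core) <= MAX_EXT_LEN:
        return ext
    return None


def scan_zip(data):
    """Return sorted (entry_name, component, extension) findings for a ZIP."""
    findings = set()
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            # Names come from the central directory; nothing is extracted.
            for comp in info.filename.replace("\\", "/").split("/"):
                ext = padded_extension(comp)
                if ext is not None:
                    findings.add((info.filename, comp, ext))
    return sorted(findings)


def build_sample():
    """Constructed sample archive with placeholder contents only."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", b"ordinary entry")
        zf.writestr("photos/holiday 2023.png", b"space in the stem is fine")
        zf.writestr("photos/image.png ", b"trailing space after extension")
        zf.writestr("notes/Dr. Smith visit", b"dot in prose, not an extension")
    return buf.getvalue()


if __name__ == "__main__":
    for name, comp, ext in scan_zip(build_sample()):
        print(f"suspicious: {name!r} (component {comp!r}, extension {ext!r})")
```

A hit is a reason to quarantine the archive for review, not proof of exploitation; updating WinRAR to the patched release remains the fix the post describes.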