A critical vulnerability has been resolved in WinRAR, a widely-used file archiver utility on Windows systems, that allows attackers to execute commands on a computer by simply opening a malicious archive.
This security flaw, known as CVE-2023-40477, enables remote attackers to achieve arbitrary code execution on the targeted system when a specially crafted RAR file is opened. The vulnerability was discovered by “goodbyeselene,” a researcher from the Zero Day Initiative, who promptly reported it to the vendor, RARLAB, on June 8th, 2023.
“The specific flaw exists within the processing of recovery volumes,” reads the security advisory released on ZDI’s site.
“The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer.”
To exploit a vulnerability successfully, a user would have to visit a disguised malicious page or open a file to fall victim. According to the CVSS, this lowers the severity rating to 7.8. However, from a practical standpoint, tricking users into taking the required action shouldn’t pose a significant challenge. Considering the extensive user base of WinRAR, attackers have numerous opportunities for successful exploitation.
Mitigating The Risk
On August 2nd, 2023, RARLAB released WinRAR version 6.23, which effectively resolves CVE-2023-40477. For the utmost security, it is strongly recommended that WinRAR users promptly apply this available update.
In addition to the fix for the RAR4 recovery volumes processing code, version 6.23 addresses a high-severity issue related to incorrectly initialized files in specially crafted archives.
It is worth noting that Microsoft is currently testing native support for RAR, 7-Zip, and GZ files in Windows 11. As a result, third-party software like WinRAR will no longer be necessary in this version, unless specific advanced features are required.
To ensure the security of WinRAR users, it is crucial to keep the software updated. In the past, hackers have exploited similar vulnerabilities to install malicious software. Additionally, exercising caution when opening RAR files and utilizing an antivirus tool capable of scanning archives are recommended security measures. By implementing these practices, users can enhance their overall protection.