According to a report this morning from SonicWall, a vulnerability that could allow remote code execution has been discovered in WinRAR. This software vulnerability exposes the half a billion users of this Windows unarchiver. The vulnerability exploited is detailed by MITRE in CVE-2018-20250.

To find out if you are vulnerable, check to see if your WinRAR version is anything prior to WinRAR prior to 5.70 beta 1.

The fix is to update your software to the latest WinRAR version to resolve the issue.

For those not familiar with WinRAR, according to Wikipedia, “WinRAR is a trialware file archiver utility for Windows, developed by Eugene Roshal of win.rar GmbH. It can create and view archives in RAR or ZIP file formats, and unpack numerous archive file formats. To enable the user to test the integrity of archives, WinRAR embeds CRC32 or BLAKE2 checksums for each file in each archive. WinRAR supports creating encrypted, multi-part and self-extracting archives.”

Update: According to a March 23 2019 report by SonicWall, this WinRAR vulnerability is now being exploited in the wild.

“There have been two major exploits of this vulnerability, one targeting Ukraine with an Ukrainian law related PDF document and another targeting users in the Middle East. Last week, SonicWall Capture Labs Threat Research team has observed another campaign targeting users in Chile. WinRAR vulnerability is the most sought after exploit used by both cyber criminals and nation state actors.”

The security news brief from SonicWall also details the infection cycle of a WinRAR exploit. Be on guard!

Advertisements

Posted by Rafiki Technology

We learned a ton in school, on the job, but also from great technical insights that others shared on various platforms. We are just giving it back and glorifying Jesus Christ, the Inventor of all human beings. Please note that all information shared on or through our site is of good faith and is not intended to cause any harm individuals, groups, organizations, or devices. Just to be clear: you assume all responsibility for anything you do; we are not liable for anything that should go wrong.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.