sandabot Posted September 30, 2015 Report Posted September 30, 2015 Beware Windows Users!A new dangerous unpatched Zero-day Vulnerability has been detected in the latest version of WinRAR affects over millions of users worldwide.According to Mohammad Reza Espargham, a security researcher at Vulnerability-Lab, the stable version of WinRAR 5.21 for Windows computers is vulnerable to Remote Code Execution (RCE) flaw.WinRAR is one of the most popular utility program used to compress and decompress files with more than 500 Million installations worldwide.The WinRAR RCE vulnerability lie under the ‘High Severity’ block, and scores 9 on CVSS (Common Vulnerability Scoring System).HOW WINRAR VULNERABILITY WORKS?Let’s take a look at its actions.The vulnerability can be used by any attacker smartly to insert a malicious HTML code inside the "Text to display in SFX window" section when the user is creating a new SFX file.WinRAR SFX is an executable compressed file type containing one or more file and is capable of extracting the contents of its own.According to proof-of-concept video published by Espargham, latest WinRAR vulnerability allows remote hackers to execute arbitrary code on a victim's computer when opening an SFX file (self-extracting file). The major disadvantage arises because of SFX files, as they start functioning as soon as the user clicks on them. Therefore, users cannot identify and verify if the compressed executable file is a genuine WinRAR SFX module or a harmful one.NO PATCH YET AVAILABLEUnfortunately, there is no patch yet available to fix this vulnerability. However, Windows users are advised to:Use an alternate archiving softwareDo not click files received from unknown sourcesUse strict authentication methods to secure your system 1 Quote
neox Posted September 30, 2015 Report Posted September 30, 2015 (edited) Este interesant exploitul.https://www.exploit-db.com/exploits/38319/https://youtu.be/vIslLJYvnaMhttps://www.exploit-db.com/exploits/38361/Video : https://youtu.be/h976wFlHGw4 Edited September 30, 2015 by neox Quote
UnixDevel Posted September 30, 2015 Report Posted September 30, 2015 mai nu mi se pare chiar atit de periculoasa vulnerabilitatea ...acuma mai depinde si cat de "prost" esti Quote
UnixDevel Posted September 30, 2015 Report Posted September 30, 2015 Inseamna ca daca cineva o arde in domeniul asta, pe forumul asta si nu intelege despre ce e vorba, nici nu merita sa umble pe un pc.eu nu am zis asta ...doar ca haide sa fim seriosi cat de prost sa fii sa descarci si sa rulezi un exe de la cineva pe care nu il cunosti ? Quote
Pavlov Posted October 3, 2015 Report Posted October 3, 2015 eu nu am zis asta ...doar ca haide sa fim seriosi cat de prost sa fii sa descarci si sa rulezi un exe de la cineva pe care nu il cunosti ?Hai sa ii intrebam pe cei 80-90% din utilizatorii de internet care ar rula asa ceva, cat de prosti se cred:)) Quote
sorelian Posted October 3, 2015 Report Posted October 3, 2015 Hai sa ii intrebam pe cei 80-90% din utilizatorii de internet care ar rula asa ceva, cat de prosti se cred:)))Pai , nu-i foarte greu de testat... Quote
