WinRAR archiver vulnerability potentially endangers millions of users and third parties. Updating is strongly recommended.
WinRAR is a program for Windows that allows you to compress and archive files. Researchers recently uncovered a vulnerability that could potentially endanger millions of users.
The facts
The vulnerability has a CVSS score of 7.8 and is tracked as CVE-2023-40477. It was reported on June 8th by a security researcher working with the Zero Day Initiative (ZDI), a division of Trend Micro, and was publicly disclosed on August 17th.
WinRAR's developer, RARLAB, was notified by the researchers and shipped the fix in version 6.23 of the program on August 2nd. That release also fixes a number of minor bugs. Note that WinRAR has no automatic update mechanism: users and administrators must download and install the new version themselves.
Users of Windows 11 have an alternative. For several months, this system has had built-in support for RAR files, so you no longer need to install WinRAR just to open them. Built-in support does not remove or patch an existing WinRAR installation, however; if WinRAR is still installed and registered as the handler for .rar files, it will still be used to open them, and it still needs to be updated.
The danger
CVE-2023-40477 allows (malicious) code to run when someone opens a specially crafted RAR file. The flaw lies in the handling of recovery volumes: user-supplied data in the archive is not properly validated, which can cause a memory access past the end of an allocated buffer.
An attacker can exploit this by crafting a RAR file and getting a user to open it with a vulnerable version of WinRAR, so the code runs with the privileges of the user who opened the archive. User interaction is required, which is why the attack is typically delivered via e-mail attachments or downloads.
WinRAR is shareware and can therefore be downloaded for free; you can use it for more than a month before you have to pay. As a result the program has hundreds of millions of users, which also makes it an attractive target for attackers. This is not the first time a vulnerability has appeared in WinRAR, and the old advice still applies: update.
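Because WinRAR does not update itself, the practical first step is to find out which versions are actually installed. The following PowerShell script is an added example written for this page, not code from the original article or from RARLAB. It checks both the Windows Uninstall registry keys and the WinRAR.exe binaries in the standard install folders (assumed locations), and flags anything below 6.23, the first release containing the fix for CVE-2023-40477. Run it in an elevated session so both the 32-bit and 64-bit registry hives are readable.

```powershell
# Added example (not from the original article): inventory WinRAR installations on a
# Windows host and flag any version below 6.23, the first release that fixes CVE-2023-40477.
# Assumptions: default WinRAR install paths and the usual Uninstall registry keys.

$Fixed = [version]'6.23'

$uninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# 1. Registry: the installer registers WinRAR under Uninstall with a DisplayName such as
#    "WinRAR 6.22 (64-bit)" and a DisplayVersion such as "6.22.0".
$fromRegistry = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'WinRAR*' } |
    ForEach-Object {
        [pscustomobject]@{
            Source  = 'Registry'
            Version = $_.DisplayVersion
            Path    = $_.InstallLocation
        }
    }

# 2. File system: also check the binaries themselves, since a portable or side-by-side copy
#    may exist without a registry entry, and the registry entry may not match what is on disk.
$candidatePaths = @(
    "$env:ProgramFiles\WinRAR\WinRAR.exe",
    "${env:ProgramFiles(x86)}\WinRAR\WinRAR.exe"
)
$fromFiles = foreach ($p in $candidatePaths) {
    if (Test-Path -LiteralPath $p) {
        $fv = (Get-Item -LiteralPath $p).VersionInfo
        [pscustomobject]@{
            Source  = 'File'
            # Major.Minor of the file version, e.g. 6.23.0.0 -> "6.23"
            Version = "$($fv.FileMajorPart).$($fv.FileMinorPart)"
            Path    = $p
        }
    }
}

$all = @($fromRegistry) + @($fromFiles)
if (-not $all) {
    Write-Output 'WinRAR not found on this host.'
    return
}

foreach ($i in $all) {
    $v = $null
    if (-not [version]::TryParse($i.Version, [ref]$v)) {
        Write-Warning "$($i.Source): could not parse version '$($i.Version)' at $($i.Path)"
        continue
    }
    $status = if ($v -lt $Fixed) { 'VULNERABLE - update to 6.23 or later' } else { 'patched' }
    Write-Output ('{0,-8} {1,-8} {2,-45} {3}' -f $i.Source, $v, $i.Path, $status)
}
```

Run the script on each host, or wrap it in Invoke-Command to sweep a fleet; any line marked VULNERABLE should be updated with the installer from the vendor's own site, since third-party download mirrors have been abused to distribute trojanised WinRAR builds in the past.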