Furthermore, it is compatible with multiple operating systems, and it is the only compression tool that supports Unicode. It is compatible with the latest version of Windows 11™ and Windows 10™, and it is available in over 50 languages, both in 32-bit and 64-bit versions. WinRAR 64bit is the most widely used compression software globally, with a user base of over 500 million people. It can back up your data and reduce the size of email attachments, decompress RAR, ZIP, and other files downloaded from the Internet and create new archives in RAR and ZIP file format. For reference, RARLAB and Zero Day Initiative have only revealed the existence of this exploit - they haven't explained exactly how it is performed.WinRAR is a 64-bit Windows version of RAR Archiver. At the time of writing, there is no evidence that hackers have exploited CVE-2023-40477 in the real world, though this may change as the vulnerability has become public knowledge. It isn't a "critical" vulnerability, but if you're the kind of person who downloads random RAR archives from seedy websites, you should take this very seriously. According to Zero Day Initiative's public warning, "this issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer." RARLAB says that the flaw is located in WinRAR's "recovery volumes processing code," but doesn't elaborate any further.īecause this specific exploit requires user interaction (you must open a malicious archive), it has received a 7.8 severity rating from the CVSS. The vulnerability, which is identified as CVE-2023-40477, allows hackers to execute arbitrary code when a target opens a malicious RAR archive.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |