WinRAR version 6.23 fixes the critical vulnerability CVE-2023-40477, which allows malicious code to run on the system

Short description

Summarize this content to 100 words Developers from RARLAB have released WinRAR version 6.23. The update of the popular archiver removes the critical vulnerability CVE-2023-40477, which allows attackers to remotely and imperceptibly run malicious code on the operating system if a specially created RAR archive is opened on the PC.This vulnerability was discovered on June 8, 2023 by an IS researcher with the nickname goodbyeselene from the Zero Day Initiative team. The expert forwarded a full report on this issue to RARLAB.”An archiver code error was detected in the operation of the RAR4 volume recovery processing system. The issue is caused by the application’s lack of proper validation of user data, which may lead to access to system memory outside the boundaries allocated for this process in the memory buffer,” reads the security bulletin published on the ZDI website.Exploiting the WinRAR vulnerability requires interaction with the user, for example, with the help of social engineering, hackers can persuade them to open a malicious file. An attacker then uses this vulnerability to execute code in the context of the current process on the system.In addition to fixing the CVE-2023-40477 vulnerability, WinRAR version 6.23 fixed an issue related to the possibility of launching an incorrectly created file after the user double-clicked on its element in a specially created archive. This vulnerability in the archiver was discovered by IS expert Andriy Polovinkin from the Group-IB Threat Intelligence team.Profile experts advise users and system administrators to update WinRAR and not to open third-party archives without first checking with antivirus tools.

WinRAR version 6.23 fixes the critical vulnerability CVE-2023-40477, which allows malicious code to run on the system

Developers from RARLAB have released WinRAR version 6.23. The update of the popular archiver removes the critical vulnerability CVE-2023-40477, which allows attackers to remotely and imperceptibly run malicious code on the operating system if a specially created RAR archive is opened on the PC.

This vulnerability was discovered on June 8, 2023 by an IS researcher with the nickname goodbyeselene from the Zero Day Initiative team. The expert forwarded a full report on this issue to RARLAB.

“An archiver code error was detected in the operation of the RAR4 volume recovery processing system. The issue is caused by the application’s lack of proper validation of user data, which may lead to access to system memory outside the boundaries allocated for this process in the memory buffer,” reads the security bulletin published on the ZDI website.

Exploiting the WinRAR vulnerability requires interaction with the user, for example, with the help of social engineering, hackers can persuade them to open a malicious file. An attacker then uses this vulnerability to execute code in the context of the current process on the system.

In addition to fixing the CVE-2023-40477 vulnerability, WinRAR version 6.23 fixed an issue related to the possibility of launching an incorrectly created file after the user double-clicked on its element in a specially created archive. This vulnerability in the archiver was discovered by IS expert Andriy Polovinkin from the Group-IB Threat Intelligence team.

Profile experts advise users and system administrators to update WinRAR and not to open third-party archives without first checking with antivirus tools.

Related posts