WinRAR Fixes 14-Year-Old Bug


WinRAR, a file compression app on Windows, recently patched a bug that was there for fourteen years (via ArsTechnica).





[iFixit: We Are All Geniuses, Advocates Right to Repair]





WinRAR’s Vulnerability





The bug made it possible for hackers to execute malicious code on your computer if you opened a booby-trapped file. It involved a flaw found in UNACEV2.DLL, a code library that hasn’t been updated since 2005.





 recently patched a bug that was there for fourteen years  WinRAR Fixes 14-Year-Old Bug




The code-execution vulnerability in WinRAR has existed the entire 14 years since the UNACEV2 library was created, and possibly earlier, Check Point researchers said in a blog post. In the same post, they compared their proof-of-concept exploit to zero-day attacks exploit broker Zerodium said it would buy for as much as $100,000.


Related




Basically, because of the flaw archive files could be extracted to a location that the attacker chose, instead of the user’s choice or default location.





[That Anti-LGBT Emoji is Just a Glitch]


Related Posts

0 Response to "WinRAR Fixes 14-Year-Old Bug"

Post a Comment

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel