Netac NV7000 2 TB NVMe SSD Review
ASUS GeForce RTX 4080 Noctua OC Edition review
MSI Clutch GM51 Wireless mouse review
ASUS ROG STRIX B760-F Gaming WIFI review
Asus ROG Harpe Ace Aim Lab Edition mouse review
SteelSeries Arctis Nova Pro Headset review
Ryzen 7800X3D preview - 7950X3D One CCD Disabled
MSI VIGOR GK71 SONIC Blue keyboard review
AMD Ryzen 9 7950X3D processor review
FSP Hydro G Pro 1000W (ATX 3.0, 1000W PSU) review
WinRAR patches 19 year old security issue
Well, it took them a while, but it is finally patched. You might want to grab the latest build btw as a vulnerability allowed attackers to copy malware into any folder on the computer or network share unnoticed. By copying the file into the startup folder of Windows, the malware would execute every time Windows started.
WinRAR is a so-called file archiver utility and allows users to combine multiple files into one, and/or shrink the file size of files by compressing them. Due to a bug in the decompressing algorithm of the old, compressed file format .ACE, it was possible to install malware on the computer reports myce.
The security researchers who discovered the issue reported it to the developers of WinRAR, who immediately released a patch to fix the bug. The fix was rather simple, the developers removed support for the outdated .ACE format. WinRAR is very popular, worldwide the software is installed on more than 500 million computers. It’s unknown whether the vulnerability has been exploited in the wild. All WinRAR users are advised to update as soon as possible.
RealNC
Senior Member
Posts: 4140
Joined: 2011-11-24
Senior Member
Posts: 4140
Joined: 2011-11-24
#5642672 Posted on: 02/22/2019 09:45 AM
They fixed it immediately after it was discovered.
someone finally paid for WinRAR and they had a budget for that fix?
They fixed it immediately after it was discovered.
sverek
Senior Member
Posts: 6070
Joined: 2011-01-02
Senior Member
Posts: 6070
Joined: 2011-01-02
#5642673 Posted on: 02/22/2019 09:47 AM
19 years ago 7z was released.
https://en.wikipedia.org/wiki/7-Zip
19 years ago 7z was released.
https://en.wikipedia.org/wiki/7-Zip
Guru01
Senior Member
Posts: 352
Joined: 2015-02-10
Senior Member
Posts: 352
Joined: 2015-02-10
#5642719 Posted on: 02/22/2019 11:59 AM
Which version is it, the 5.61 final or the beta 5.70?
Which version is it, the 5.61 final or the beta 5.70?
AntiSnipe
Senior Member
Posts: 370
Joined: 2003-06-28
Senior Member
Posts: 370
Joined: 2003-06-28
#5642748 Posted on: 02/22/2019 01:14 PM
Seriously. What is the point of knowing this if we don't know how to correct it? 5.61 still lists .ACE in the "Associate with" list, so I'm thinking the beta or some unreleased version still.
EDIT: From www.theregister.co.uk
"The ACE format has been removed in 5.70 beta 1, so all versions of WinRAR after that release will be protected from the bug."
Which version is it, the 5.61 final or the beta 5.70?
Seriously. What is the point of knowing this if we don't know how to correct it? 5.61 still lists .ACE in the "Associate with" list, so I'm thinking the beta or some unreleased version still.
EDIT: From www.theregister.co.uk
"The ACE format has been removed in 5.70 beta 1, so all versions of WinRAR after that release will be protected from the bug."
Click here to post a comment for this news story on the message forum.
Member
Posts: 53
Joined: 2015-03-25
someone finally paid for WinRAR and they had a budget for that fix?