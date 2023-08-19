A high-severity vulnerability in WinRAR, the widely used file archiver for Windows, has been fixed. Tracked as CVE-2023-40477, the flaw lets an attacker execute arbitrary code on a target system once the user opens a specially crafted RAR archive; "remote" here means the attacker only has to deliver the file, not that WinRAR is exposed on the network.

The flaw was found by a researcher using the handle "goodbyeselene", who disclosed it through Trend Micro's Zero Day Initiative (ZDI); ZDI reported it to the vendor, RARLAB, on June 8, 2023. The advisory published on ZDI's site places the bug in the processing of recovery volumes: user-supplied data from the archive is used without proper validation, which can result in memory access past the end of an allocated buffer.
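The advisory does not say which field is mistrusted, and WinRAR's source is not public, so the following is an added illustration rather than WinRAR's code or the actual bug: a minimal C parser for a made-up recovery-record layout, shown in the vulnerable form (a length field read from the archive is trusted) and in the hardened form (the length is checked against both the destination buffer and the bytes actually present). The record format, field names, buffer sizes and function names are all assumptions made for this example, and the sample records are constructed inline.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustrative record layout (assumption: NOT the real RAR recovery-volume
 * format, which the advisory does not document):
 *   [0..1]  magic 'R','V'
 *   [2..5]  payload_len, little-endian uint32 taken straight from the archive
 *   [6..]   payload_len bytes of parity data                                */
#define RECORD_HDR_LEN 6
#define PARITY_BUF_LEN 64

struct recovery_ctx {
    uint8_t parity[PARITY_BUF_LEN];
    size_t  parity_len;
};

static uint32_t read_le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable pattern: the length field is trusted. A record declaring
 * payload_len > PARITY_BUF_LEN writes past ctx->parity; one declaring more
 * bytes than the input holds reads past buf. Both are the "user-supplied
 * data not validated" class of bug the ZDI advisory describes. */
int parse_record_unchecked(const uint8_t *buf, size_t buf_len, struct recovery_ctx *ctx)
{
    if (buf_len < RECORD_HDR_LEN || buf[0] != 'R' || buf[1] != 'V')
        return -1;
    uint32_t payload_len = read_le32(buf + 2);
    memcpy(ctx->parity, buf + RECORD_HDR_LEN, payload_len); /* BUG: unbounded copy */
    ctx->parity_len = payload_len;
    return 0;
}

/* Hardened form: the attacker-controlled length is checked against both the
 * destination capacity and the bytes actually present before any copy. */
int parse_record_checked(const uint8_t *buf, size_t buf_len, struct recovery_ctx *ctx)
{
    if (buf_len < RECORD_HDR_LEN || buf[0] != 'R' || buf[1] != 'V')
        return -1;
    uint32_t payload_len = read_le32(buf + 2);
    if (payload_len > PARITY_BUF_LEN)           /* would overflow ctx->parity */
        return -1;
    if (payload_len > buf_len - RECORD_HDR_LEN) /* would read past the input */
        return -1;
    memcpy(ctx->parity, buf + RECORD_HDR_LEN, payload_len);
    ctx->parity_len = payload_len;
    return 0;
}

/* Builds a constructed sample record: the header claims declared_len bytes,
 * but only actual_len bytes of 0xAB filler follow. Returns the total size. */
size_t build_record(uint8_t *out, size_t out_cap, uint32_t declared_len, size_t actual_len)
{
    if (out_cap < RECORD_HDR_LEN + actual_len)
        return 0;
    out[0] = 'R'; out[1] = 'V';
    out[2] = (uint8_t)(declared_len);       out[3] = (uint8_t)(declared_len >> 8);
    out[4] = (uint8_t)(declared_len >> 16); out[5] = (uint8_t)(declared_len >> 24);
    memset(out + RECORD_HDR_LEN, 0xAB, actual_len);
    return RECORD_HDR_LEN + actual_len;
}

/* A well-formed 16-byte record is accepted by both parsers. */
int demo_benign_accepted(void)
{
    uint8_t rec[128]; struct recovery_ctx ctx = {0};
    size_t n = build_record(rec, sizeof rec, 16, 16);
    return parse_record_unchecked(rec, n, &ctx) == 0 &&
           parse_record_checked(rec, n, &ctx) == 0 && ctx.parity_len == 16;
}

/* A record declaring 4096 bytes (only 16 present) is rejected by the hardened
 * parser. The unchecked parser would memcpy 4096 bytes into a 64-byte buffer,
 * so it is deliberately not called on this input. */
int demo_oversized_rejected(void)
{
    uint8_t rec[128]; struct recovery_ctx ctx = {0};
    size_t n = build_record(rec, sizeof rec, 4096, 16);
    return parse_record_checked(rec, n, &ctx) == -1;
}

/* A record that fits the buffer (64) but is truncated on disk (8 bytes) is
 * also rejected: the source-side check catches over-reads. */
int demo_truncated_rejected(void)
{
    uint8_t rec[128]; struct recovery_ctx ctx = {0};
    size_t n = build_record(rec, sizeof rec, 64, 8);
    return parse_record_checked(rec, n, &ctx) == -1;
}

int main(void)
{
    printf("benign accepted %d, oversized rejected %d, truncated rejected %d\n",
           demo_benign_accepted(), demo_oversized_rejected(), demo_truncated_rejected());
    return 0;
}
```

The two checks in the hardened parser are the point: a destination bound alone still allows an over-read of the input, and a source bound alone still allows a buffer overflow, so any length that originates in the file needs both before it reaches `memcpy`.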

The vulnerability requires the target to open a malicious archive, which is why its CVSS score is 7.8 rather than higher: user interaction is required and there is no network attack vector. That is not much protection in practice. Archives arrive routinely by email, download links and file shares, and persuading a user to open one is a low bar. Given WinRAR's very large install base, attackers have plenty of opportunities for successful exploitation.

To fix the issue, RARLAB released WinRAR 6.23 on August 2, 2023. This release addresses CVE-2023-40477, and users are strongly advised to update immediately. Because WinRAR has no automatic update mechanism, this means downloading and installing the new version manually; the installed version is shown under Help > About, and anything below 6.23 is affected. Version 6.23 also fixes a second high-severity problem in which WinRAR could start the wrong file after the user double-clicked an item inside a specially crafted archive.

It is worth noting that Microsoft is currently testing native support for RAR, 7-Zip and GZ archives in Windows 11. Once that ships, users who only need to open and extract archives may no longer need third-party software such as WinRAR, although those who rely on its advanced features will keep using it. Built-in support does not remove the attack surface of parsing untrusted archives; it only moves it into a component that Windows Update patches.

Users who continue to use WinRAR should keep it updated, since WinRAR flaws have been exploited before to install malware; the 2019 ACE path-traversal bug (CVE-2018-20250) was used in real attacks within weeks of disclosure. Treating RAR files from untrusted sources with caution and using an antivirus product that scans inside archives are sensible additional measures, but neither is a substitute for patching: a memory-corruption trigger inside an otherwise valid archive will not necessarily be flagged by a scanner.