Tuesday, 13 October 2015

NCSC Withdraws Warning For WinRAR Vulnerability

The government's National Cyber Security Center (NCSC) has decided to withdraw an alert for a vulnerability in the popular archiving program WinRAR, since the vulnerability is in Windows rather than in WinRAR and was patched there last year.

In late September a researcher demonstrated how he could carry out an attack on Windows via a malicious SFX archive. WinRAR is a very popular program for packing and unpacking files. Besides standard RAR archives, the software can also create self-extracting (SFX) archives. In this case the archive is unpacked automatically when the user opens the file, regardless of whether they have WinRAR installed. By getting users to open a malicious SFX archive, an attacker could execute arbitrary code with the rights of the logged-in user, says the researcher.

The NCSC then issued a warning, in which the vulnerability was described as "average". However, the researcher's attack appears to work only if the computer is missing a security update for Windows that Microsoft released last November, as RARLAB, the developer of WinRAR, recently announced on its website. Because of this additional information, anti-malware company Malwarebytes also decided to remove a blog post about the alleged vulnerability, and the NCSC has now revoked its security advisory today.
