Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19

Page 1 of 2 12 LastLast
  1.    #1

    Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19


    Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide.

    Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the software released in last 19 years.

    The flaw resides in the way an old third-party library, called UNACEV2.DLL, used by the software handled the extraction of files compressed in ACE data compression archive file format.

    However, since WinRAR detects the format by the content of the file and not by the extension, attackers can merely change the .ace extension to .rar extension to make it look normal.


    Source: Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
    Last edited by Brink; 4 Weeks Ago at 10:14.
      My ComputersSystem Spec

  2.    #1

    So I presume if you rename or delete UNACEV2.DLL in the WinRAR install folder WinRAR will not be vulnerable anymore?
      My ComputerSystem Spec

  3.    #2

    Tovad said: View Post
    So I presume if you rename or delete UNACEV2.DLL in the WinRAR install folder WinRAR will not be vulnerable anymore?
    Thanks for the tip, I'm secure now. I can't remember the last time I saw a *.ace file anyhow???
      My ComputerSystem Spec

  4. Pendaws's Avatar
    Posts : 323
    Windows 10 Pro 64bit 1809 (17763.55)
       #3

    I have version 5.61 and that .dll file isn't in the folder at all. Lucky me :)
      My ComputerSystem Spec

  5.    #4

    Has been removed in Version 5.70.
      My ComputersSystem Spec

  6.    #5

    I'm still running WinRAR v4.0, never saw the need to upgrade???
      My ComputerSystem Spec

  7. DooGie's Avatar
    Posts : 5,454
    Wndows 10 x64 Pro version19H1 18358
       #6

    WinRAR have fixed the flaw in the latest beta releases.
      My ComputerSystem Spec

  8.    #7

    I have 5.40 and I deleted that .dll and the Ace32Loader.exe also. The 5.70 is a beta version and it s only in english language so I prefer not update to that
      My ComputerSystem Spec

  9. DooGie's Avatar
    Posts : 5,454
    Wndows 10 x64 Pro version19H1 18358
       #8

    mary7 said: View Post
    I have 5.40 and I deleted that .dll and the Ace32Loader.exe also. The 5.70 is a beta version and it s only in english language so I prefer not update to that
    No, 5.70 beta1 and beta2 is available in a few languages.

    WinRAR archiver, a powerful tool to process RAR and ZIP files
      My ComputerSystem Spec

  10. DooGie's Avatar
    Posts : 5,454
    Wndows 10 x64 Pro version19H1 18358
       #9

    WinRAR 5.70 final has been released. The flaw is fixed.

    WinRAR archiver, a powerful tool to process RAR and ZIP files
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Winrar Benchmark in PC Custom Builds and Overclocking
Here is my Winrar Benchmark score: 23749 208124 Download Link: WinRAR download and support: Download
I have .rar files associated with Win rar, except that after about file .r35, the association stops. While the first file (.rar) does set off the whole chain, the lack of association is a bit troublesome, as the ability to scan the icons helps file...
Solved Emergency Flash Player patch fixes zero-day critical flaw in AntiVirus, Firewalls and System Security
Emergency Flash Player patch fixes zero-day critical flaw | PCWorld
Solved WinRAR in Software and Apps
I did a reset on my Windows 10, I had winRAR.. now it's gone How do I get it for free again? This laptop was bought with winRAR on it..
is there an extensive or definitive list about what versions of windows 7/8/8.1 get what version of windows 10 w/ the reservations? as im planning on rolling back from Windows 8.1 to 7 then going to upgrade from there if its going to make Jack...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 11:41.
Find Us