قالب وردپرس درنا توس
Home https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ Technology https://server7.kproxy.com/servlet/redirect.srv/sruj/smyrwpoii/p2/ WinRAR patched 19-year-old bug that left millions vulnerable

WinRAR patched 19-year-old bug that left millions vulnerable



A detailed blog post, Check Point explained that by renaming and ACE file with a RAR extension, hackers could manipulate WinRAR to extract a malicious program to a computer's startup folder. The program would run automatically when your computer started. Check Point says the flaw existed for 1

9 years . In response to the blog post, WinRAR was quick to patch the vulnerability, releasing a version 5.70 beta 1 in which it dropped support for ACE archives. Turns out of the company using a third party tool to unpack ACE archives anyway, and it has not been updated since 2005.

There have been no reported attacks using this bug. But 19 years is pretty long time to have a flaw like this, and with 500 million users potentially exposed, we would say this is a major oversight on WinRAR's part. If you are one of the millions still using WinRAR, this would be a good time to update the software. The lesson for all of us is what you did on your PC 20 years ago can indeed come back to haunt you.


Source link