WinRAR software exposes serious security vulnerability, user data is at risk

1. According to news on October 19, a serious security vulnerability was exposed in the popular compressed file management software WinRAR. The vulnerability was named CVE-2023-38831. The existence of this vulnerability provides the possibility for hackers to execute arbitrary code on the user's computer through malicious files, thereby threatening the user's data and privacy security.

2. It is understood that Google’s Threat Analysis Group (TAG) has revealed that this vulnerability has been exploited by multiple cybercriminal organizations as early as early 2023. At the time, security experts were unaware of the vulnerability's dangers. Although WinRAR has released a repair patch, a large number of users still fail to update the software in time and are still facing potential risks.
3. It is understood that the attacker’s strategy is to place a seemingly harmless file (such as a PNG image) in a ZIP compressed file and then open it with the help of WinRAR. This is because there is a vulnerability in the Windows system when processing file names with spaces, causing WinRAR to execute the malicious code in the ZIP archive.
4. Google’s update notes point out: “When the user double-clicks a file named ‘poc.png_’ (underscore represents a space) on the WinRAR interface, WinRAR before version 6.23 will execute ‘poc.png_/poc.png_ .cmd'."
5. In order to maintain the security of the computer, it is recommended that users go to the WinRAR official website to download and install the latest version of the software as soon as possible. This action will help reduce potential risks and ensure the security of user data and privacy.

The above is the detailed content of WinRAR software exposes serious security vulnerability, user data is at risk. For more information, please follow other related articles on the PHP Chinese website!