Warning for Winrar users (REDACTION on 7 October)

Started by Metallica, September 30, 2015, 10:45:27 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

Metallica

September 30, 2015, 10:45:27 AM
Latest WinRAR Vulnerability has Yet to be Patched: https://blog.malwarebytes.org/security-threat/2015/09/latest-winrar-vulnerability-has-yet-to-be-patched/

POC: http://seclists.org/fulldisclosure/2015/Sep/106

Be extra careful when you receive SFX archives (.exe extension) because not only the compressed file could be dangerous, there can also be malicious code in the shell that gets triggered when you open the archive

hayc59

#1
September 30, 2015, 05:58:15 PM
right on and thank u for the heads up!! I do a lot of music :)
would not want some bad ass sheat hitten my pc

9.11.01
"The most beautiful flower loses her beauty one day, but a hard faithful friend an eternity"
"Beauty that is not hidden to deepest of my soul can be seen that with eyes of the heart"
'Never Forget'

Metallica

#2
October 01, 2015, 09:36:30 AM
Looking at the reaction of RARlab they will be in no hurry to fix this issue

http://www.v3.co.uk/v3-uk/news/2428326/winrar-critical-flaw-leaves-millions-open-to-compressed-file-attacks
QuoteExecutable files are potentially dangerous by design. Run them only if they are received from a trustworthy source. WinRAR SFX archives are not less or more dangerous than other exe files,

Fails to see that if a file does what you expect it to do, you may fail to notice that it does something else as well.

Corrine

#3
October 01, 2015, 05:01:02 PM
That certainly is a blaze attitude.


Take a walk through the "Security Garden" -- Where Everything is Coming up Roses!

Remember - A day without laughter is a day wasted.
May the wind sing to you and the sun rise in your heart.

Jasper The Rasper

#4
October 07, 2015, 05:00:37 PM
October 7, 2015 | BY Adam Kujawa

QuoteHey Folks,

We here at Malwarebytes take pride in our ability to find the latest threats that users face on daily basis and do our best to not only block and remove them with our products but also inform the general public about their danger through our blog.

In a very few cases, we jump the gun in our efforts to explain a threat and end up posting information that hasn’t been thoroughly analyzed.

This is one of those cases.

We want to offer our most sincere apologies to WinRAR for any harm done by our reporting on a post first seen through the Full-Disclosure mailing list, we simply echoed the original reporting.

https://blog.malwarebytes.org/news/2015/10/redaction-winrar-vulnerability/
Print
Go Up Pages1
User actions