WinRAR flaw lets hackers run programs when you open RAR archives - eviltoast
  • d3Xt3r@lemmy.nz
    link
    fedilink
    English
    arrow-up
    41
    arrow-down
    8
    ·
    1 year ago

    However, from a practical perspective, deceiving users into performing the required action shouldn’t be overly challenging, and given the vast size of WinRAR’s user base

    Excuse me, but “vast” size of WinRAR’s user base? I didn’t know WinRAR even had any users left.

    • kuneho@lemmy.world
      link
      fedilink
      English
      arrow-up
      23
      arrow-down
      1
      ·
      1 year ago

      9 out of 10 people I know use WinRAR. It’s amongst the very firsr software they install at fresh start.

      I myself also just changed to 7-Zip around… I don’t know, a year ago?

      • d3Xt3r@lemmy.nz
        link
        fedilink
        English
        arrow-up
        13
        ·
        1 year ago

        Which part of the world is this, if you don’t mind me asking? (just genuinely curious, cause I haven’t come across any WinRARs in the wild here in NZ, most folks I know use either 7-Zip or PeaZip).

        • kuneho@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          I’m from Europe, in the embrace of the Carpathian Mountains :)

          before WinRAR, people used WinZIP here in the '00s (at least Windows folks). Again, a strange choice, I know.

        • KnightontheSun@lemmy.world
          link
          fedilink
          English
          arrow-up
          5
          ·
          1 year ago

          Am in the US and used winrar for a long time as it was integrated into Usenet binaries as rar files. It was embedded with some other software.

    • Mr. w00t@lemy.lol
      link
      fedilink
      English
      arrow-up
      9
      ·
      1 year ago

      Well, even FAR manager which they’ve open-souced long time ago is still maintained 😀 Good thing they didn’t discover this bug in 2000s!

      • d3Xt3r@lemmy.nz
        link
        fedilink
        English
        arrow-up
        8
        ·
        1 year ago

        That looks quite interesting, seems like they’ve even got quite an extensive list of plugins - looks like may be even better than Midnight Commander. :o

      • kuneho@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        Ah, FAR manager.

        I used it last time around… 15 years ago to apply VKP patches on my Sony Ericsson phones :P like making my K750i into a ‘W750i’ with W800i software, adding GFX and Acoustic patches…

      • Scrof@sopuli.xyz
        link
        fedilink
        English
        arrow-up
        2
        arrow-down
        1
        ·
        1 year ago

        I’m still using sweet FAR Manager, absolute baller of a software.