WinRAR flaw lets hackers run programs when you open RAR archives - eviltoast

The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened.

RARLAB released WinRAR version 6.23 on August 2nd, 2023, effectively addressing CVE-2023-40477.

https://www.zerodayinitiative.com/advisories/ZDI-23-1152/

    • lnxtx@feddit.nl
      1 year ago

      Yes, many people in an office environment. Just a habit, like Total Commander :|

      Back in the day, it offered a much better compression ratio than the popular (Win)Zip. And it has an SFX feature.

    • Never_Sm1le@lemdro.id
      1 year ago

      For people compressing things a lot, WinRAR is much more productive than 7z. I can easily set up a default profile in WinRAR (best compression quality + delete files after archiving) but can’t do this with 7z.