
Nasty WinRAR bug is being actively exploited to install hard-to-detect malware

https://arstechnica.com/information-technology/2019/03/nasty-winrar-bug-is-being-actively-exploited-to-install-hard-to-detect-malware/

Mar 14, 2019 9:10 PM

Malicious hackers wasted no time exploiting a nasty code-execution vulnerability recently disclosed in WinRAR, a Windows file-compression program with 500 million users worldwide. The in-the-wild attacks install malware that, at the time this post was going live, was undetected by the vast majority of antivirus products.

The flaw, disclosed last month by Check Point Research, garnered instant mass attention because it made it possible for attackers to surreptitiously install persistent malicious applications when a target opened a compressed ZIP file using any version of WinRAR released over the past 19 years. The absolute path traversal made it possible for archive files to extract to the Windows startup folder (or any other folder of the archive creator's choosing) without generating a warning. From there, malicious payloads would automatically be run the next time the computer rebooted.
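A defender can look for the pattern described above before anything is unpacked. The following is an added example, not code from the article, Check Point, or WinRAR: it audits archive member names for absolute paths, parent-directory components, and Startup-folder targets. The function names are hypothetical, the sample archive is constructed, and Python's `zipfile` is assumed as the reader.

```python
import io
import zipfile
from pathlib import PureWindowsPath

# Path components of the per-user Windows Startup folder, lowercased.
STARTUP_TAIL = ("start menu", "programs", "startup")


def entry_risks(name: str) -> list[str]:
    """Return the reasons an archive member name is unsafe to extract on Windows."""
    path = PureWindowsPath(name)  # accepts both "/" and "\" separators
    risks = []
    if path.drive or path.root:
        risks.append("absolute")          # C:\..., \\server\share\..., \...
    if ".." in path.parts:
        risks.append("parent-traversal")  # climbs out of the extraction directory
    parts = [p.lower() for p in path.parts]
    if any(tuple(parts[i:i + 3]) == STARTUP_TAIL for i in range(len(parts))):
        risks.append("startup-folder")    # files here run automatically after a reboot
    return risks


def audit_zip(data: bytes) -> dict[str, list[str]]:
    """Map each risky member name to its risks, without extracting anything."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        found = {i.filename: entry_risks(i.filename) for i in zf.infolist()}
    return {name: risks for name, risks in found.items() if risks}


def build_sample() -> bytes:
    """Constructed sample archive: one benign member, two hostile names."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", b"hello")
        zf.writestr("../../outside.txt", b"x")
        zf.writestr("C:/Users/demo/AppData/Roaming/Microsoft/Windows/"
                    "Start Menu/Programs/Startup/demo.txt", b"x")
    return buf.getvalue()


if __name__ == "__main__":
    for name, risks in audit_zip(build_sample()).items():
        print(f"{risks}: {name}")
```

Any non-empty result is a reason to quarantine the archive rather than extract it.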

On Thursday, a researcher at McAfee reported that the security firm identified "100 unique exploits and counting" in the first week since the vulnerability was disclosed. So far, ...
