Your IT Consultant

WinRAR Bug Puts Around 500 Million Users at Risk

October 1, 2015

Most users are aware of the Zip file format that can create a compressed archive of files/folders. File archiving became popular as a way to compress data into a much smaller package for transmission or transfer over limited storage devices (e.g. 360K floppies, 1.2MB floppies, etc.) or over dial up modem Internet connections. (yes they still exist.) There are several compression utilities available for Windows users such as 7-Zip, WinZip and WinRAR. Even the modern Windows operating systems have built-in file compression that can handle several file compression formats.

Recently, a bug has been discovered in the current version (5.21) of WinRAR that allows hackers to remotely execute system code and compromise victims' machines. That means around 500 million users are at risk. The creators of WinRAR posted a statement that basically says that things are working as designed. They even give an example of how to use Putty (a commonly used remote console tool) in an SFX archive to cause damage. Oh well, I’ll stick with my copy of WinZip for now and scan all archives for malware prior to execution.

E-mail:   Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
http://www.senseient.com