
Using WinRAR? Be sure to patch against these code execution bugs… – Naked Security

The venerable RAR program, also known as Roshal’s Archiver, has been a staple in file sharing and software distribution for decades. One of its key features is its built-in error recovery and file reconstruction capabilities. In the early days of the internet, transferring large files was a challenge. They were either split across multiple floppy disks or uploaded as compressed chunks to save space. If any part of the file went missing or got deleted, it would be impossible to recover it. RAR solved this problem by introducing recovery volumes, which stored error correction data. This meant that multi-part archives could be automatically and completely recovered, even if some parts were lost.

RAR archives up to version 4 used parity correction, while newer versions use Reed-Solomon codes, which are more powerful and complex. Parity-based correction relies on the XOR (exclusive OR) operation, whose result is true when exactly one of its two inputs is true, and false otherwise. This operation is similar to choosing between coffee or tea – you can only have one or the other, not both. XORing the data chunks together produces a parity chunk; if any one chunk goes missing, XORing the parity chunk with the chunks that remain reconstructs it.
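The parity scheme described above, as an added Python example that is not WinRAR's code and does not model the RAR recovery-volume format. The function names and the sample chunks are assumptions made for illustration; the length and count checks are there because chunk sizes read from an archive are untrusted input.

```python
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings, refusing mismatched sizes."""
    if len(a) != len(b):
        raise ValueError("chunks must all be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def make_parity(chunks: list[bytes]) -> bytes:
    """Build the parity chunk: the XOR of every data chunk."""
    if not chunks:
        raise ValueError("need at least one chunk")
    return reduce(xor_bytes, chunks)


def recover(chunks: list, parity: bytes) -> list[bytes]:
    """Rebuild the single chunk marked None from the parity chunk.

    XOR parity holds one chunk's worth of redundancy, so anything other
    than exactly one missing chunk is rejected rather than guessed at.
    """
    missing = [i for i, c in enumerate(chunks) if c is None]
    if len(missing) != 1:
        raise ValueError("XOR parity can rebuild exactly one missing chunk")
    present = [c for c in chunks if c is not None]
    # parity ^ (all surviving chunks) leaves only the missing chunk,
    # because every surviving chunk cancels itself out (x ^ x == 0).
    rebuilt = reduce(xor_bytes, present, parity)
    restored = list(chunks)
    restored[missing[0]] = rebuilt
    return restored


# Constructed sample data: three equal-sized "volumes" of one archive.
CHUNKS = [b"part-one", b"part-two", b"part-3!!"]
PARITY = make_parity(CHUNKS)

if __name__ == "__main__":
    damaged = [CHUNKS[0], None, CHUNKS[2]]  # second volume lost
    print(recover(damaged, PARITY))
```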

However, a recently discovered bug, CVE-2023-40477, has exposed a vulnerability in WinRAR. This bug can be triggered when the program uses its data recovery system. A specially crafted archive can trick WinRAR into writing data outside of its allocated memory, which is a buffer overflow. As a result, the crafted data can end up being executed as program code instead of being treated as regular information. Although this bug requires user assistance to be exploited, it still poses a security risk.

Another security bug was also patched in the latest WinRAR release, which allowed for the launching of the wrong file from a specially crafted archive. While this bug may seem less severe, it has been exploited in real-life scenarios, especially in forums related to trading, investment, and cryptocurrency. This bug was specific to the unpacking of ZIP files, highlighting the longstanding cybersecurity issues associated with ZIP archives.

To protect against these vulnerabilities, WinRAR users should ensure they are using the latest version. Unfortunately, there is no automatic update system, so users need to manually download and run the new installer. Programmers should also review legacy code in their software and consider implementing fuzzing techniques to test for misbehavior. Fuzzing involves testing software with millions of malformed and incorrect inputs to identify potential vulnerabilities. It is essential to test input routines against various file types, not just those created by the software itself.

In conclusion, while RAR and WinRAR have been reliable tools for file compression and distribution, recent vulnerabilities have highlighted the importance of staying updated and implementing robust security practices. By addressing these issues promptly and adopting proactive security measures, users can continue to benefit from the convenience and functionality that RAR and WinRAR offer.
