Users who might consider themselves of a certain ‘vintage’ will almost certainly have come across the archiving/zipping tool WinRAR in their cyber travels.
For those that don’t know, in medieval times, the ability to compress and uncompress (zip/unzip) files and folders wasn’t natively baked in to Windows and other operating systems. If you wanted to compress files (a must in the bandwidth-starved old days) you would have to purchase dedicated software for doing this, such as WinRAR, PKZip, etc.
WinRAR is a great tool due to its support for multiple types of compression, but unfortunately that has also been its undoing. One of the software libraries in it (chunks of packaged code), used for a compression type called ACE Archive, has a recently discovered vulnerability that has existed for 19 years!
The vulnerability was discovered by Check Point Research; you can read the full technical article here, but in summary, opening a booby-trapped file drops files into locations on a user’s hard drive, including the start-up folder, opening the door for a serious breach.
Scope of the problem
If WinRAR’s claims about its user base are to be believed, there are 500 million users out there with WinRAR installed, so even with a large pinch of salt, that’s a lot of vulnerable systems. The most obvious way of targeting users will be phishing attacks tricking users into downloading malicious archive files.
In terms of how many exploits are being used by hackers, back in February McAfee said that there were “over 100 unique exploits and counting, with most of the initial targets residing in the United States”.
The fact that companies like Zerodium are offering significant bounties for this sort of exploit illustrates how valuable they can be in the wrong hands.
If you have WinRAR installed, there’s an excellent chance it’s a vulnerable version (unless you’ve installed it in the past month or two), so update or replace it. A good free alternative is 7-Zip, available from here: