Warning for WinRAR Users

[Corrine]

Latest WinRAR Vulnerability has Yet to be Patched | Malwarebytes Unpacked by Pieter Arntz.

This vulnerability, which as of now has not received a CVE ID yet, allows a remote attacker to create a compressed file and execute code on the victim’s computer when they are processing to open the infected compressed SFX archive.

As Pieter explained elsewhere:

Be extra careful when you receive SFX archives (.exe extension) because not only the compressed file could be dangerous, there can also be malicious code in the shell that gets triggered when you open the archive.

[Jasper The Rasper]

October 7, 2015 | BY Adam Kujawa

Hey Folks,

We here at Malwarebytes take pride in our ability to find the latest threats that users face on daily basis and do our best to not only block and remove them with our products but also inform the general public about their danger through our blog.

In a very few cases, we jump the gun in our efforts to explain a threat and end up posting information that hasn’t been thoroughly analyzed.

This is one of those cases.

We want to offer our most sincere apologies to WinRAR for any harm done by our reporting on a post first seen through the Full-Disclosure mailing list, we simply echoed the original reporting.

https://blog.malwarebytes.org/news/2015/10/redaction-winrar-vulnerability/