March 10, 2019

A 14-year-old vulnerability in WinRAR can threaten the security of crypto wallets.


A Reddit user has drawn attention to a vulnerability in the popular WinRAR archiver that could affect cryptocurrency users. The bug, which allows executable code to be planted on the system, existed for 14 years but only recently became public. The disclosure is likely to lead to the emergence of various exploits in the near future.


“This is how it works. You open the wrong RAR file through the unpatched version of WinRAR, and the data is loaded into the Windows startup directory. So, after the reboot, the exe file will start. Nobody updates WinRAR. There are probably at least 100 million computers with non-upgraded software,” the author writes.

Code launched this way can pose a number of threats to the user, including theft of cryptocurrency savings. The simplest fix proposed is to install the latest version of WinRAR. For greater safety, users should keep their funds in "cold" storage.

As the author of the post notes, the problem lies not in WinRAR itself but in the library it uses to process files in ACE format. Consequently, the vulnerability can appear not only in WinRAR but also in other programs that rely on the same library, for example Total Commander. WinRAR's developers decided to stop supporting the ACE format in the latest version of their software.

“WinRAR is known for supporting all popular compression formats. Since UNACEV2.DLL has not been updated since 2005, and there is no access to its source code, it was decided to abandon support for ACE archives starting with version WinRAR 5.70. We highly recommend that you upgrade to version 5.70 immediately,” reads the announcement on the developers' site.
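A defensive check built on the two details above (the ACE library UNACEV2.DLL and the Windows startup directory), added here as an example and not taken from the article or from WinRAR's developers: it lists copies of the library under given directory trees and runnable files sitting in the Startup folders. The function names, the extension list and the scanned roots are assumptions.

```python
import os
from pathlib import Path

# File types Windows will run, or open with a handler, from a Startup folder.
# This extension list is an assumption chosen for the audit, not from the article.
RUNNABLE = {".exe", ".scr", ".com", ".bat", ".cmd", ".vbs", ".js", ".lnk"}


def find_unace_copies(roots):
    """Return every UNACEV2.DLL found under the given directory trees."""
    hits = []
    for root in roots:
        # os.walk skips unreadable or missing directories silently.
        for dirpath, _dirs, files in os.walk(root):
            hits += [Path(dirpath) / f for f in files if f.lower() == "unacev2.dll"]
    return sorted(hits)


def startup_runnables(startup_dirs):
    """Return (path, mtime) for runnable files in Startup folders, newest first."""
    found = []
    for d in map(Path, startup_dirs):
        if not d.is_dir():
            continue
        for entry in d.iterdir():
            if entry.is_file() and entry.suffix.lower() in RUNNABLE:
                found.append((entry, entry.stat().st_mtime))
    return sorted(found, key=lambda item: item[1], reverse=True)


def default_startup_dirs():
    """Per-user and all-users Startup folders, built from the standard env vars."""
    tail = Path("Microsoft") / "Windows" / "Start Menu" / "Programs" / "Startup"
    bases = [os.environ.get("APPDATA"), os.environ.get("ProgramData")]
    return [Path(b) / tail for b in bases if b]


if __name__ == "__main__":
    # Scanned roots are an assumption: the usual install locations for archivers.
    names = ("ProgramFiles", "ProgramFiles(x86)")
    roots = [os.environ[n] for n in names if os.environ.get(n)]
    for dll in find_unace_copies(roots):
        print("ACE library present:", dll)
    for path, mtime in startup_runnables(default_startup_dirs()):
        print("Startup entry:", path, "modified", mtime)
```

Any library copy it reports belongs to a program that can still open ACE archives, and Startup entries the user does not recognise are worth reviewing before the next reboot.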