Warning: Critical WinRAR Flaw Affects All Versions Released In Last 19 Years
#1
Information 
It's reported that these critical vulnerabilities have been fixed only in version WinRAR 5.70 Beta 1.

Quote: CRITICAL VULNERABILITIES HAVE BEEN IMPACTING WINRAR FOR ALMOST 20 YEARS
Over 500 million WinRAR users could have been exposed; update your software as soon as possible
Source: https://www.securitynewspaper.com/2019/0...-20-years/

In German from another source:

Quote: ACE-Format: Kritische Lücke in WinRAR erst nach 14 Jahren entdeckt
Translation: ACE format: Critical vulnerabilities in WinRAR not discovered until 14 years later
Source: https://www.computerbase.de/2019-02/ace-...ke-winrar/

That shows it's sometimes possible to discover critical vulnerabilities in programs and systems.

Only "sometimes by chance" or during intensive analysis can such vulnerabilities be detected.

Kind regards
[-] The following 3 users say Thank You to darktwilight for this post:
  • Deep900, harlan4096, silversurfer
#2

Quote: Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide.

Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the software released in the last 19 years.

The flaw resides in the way an old third-party library, called UNACEV2.DLL, used by the software handled the extraction of files compressed in ACE data compression archive file format.

However, since WinRAR detects the format by the content of the file and not by the extension, attackers can merely change the .ace extension to .rar extension to make it look normal.

Read the full news here.
[-] The following 5 users say Thank You to hanso for this post:
  • darktwilight, Deep900, harlan4096, silversurfer, wwd
#3
Thanks for this share guys, this is very important in terms of security and reliability.
[-] The following 4 users say Thank You to Deep900 for this post:
  • darktwilight, harlan4096, silversurfer, wwd
#4
WinRAR 5.70 Beta 2

Changelog: WinRAR archiver, a powerful tool to process RAR and ZIP files

Download: WinRAR archiver, a powerful tool to process RAR and ZIP files
[-] The following 2 users say Thank You to silversurfer for this post:
  • darktwilight, harlan4096
#5
Hi guys, 

I asked the WinRAR developer about this and this is his reply about the workaround, which is either to (1) upgrade to WinRAR 5.70 beta 1 and 2 or (2) just delete the file "UNACEV2.DLL" manually from its location. See quoted text below.


Quote: Hello,

UNACEV2.DLL library which we used in WinRAR 5.61 and earlier to unpack
ACE files was vulnerable to a directory traversal attack with specially
crafted ACE archives. We already published WinRAR 5.70 beta 1 and 2
without this library and these 5.70 betas are not vulnerable.

Those users who do not want to upgrade to 5.70 just now can delete
the UNACEV2.DLL file to prevent this attack. Depending on the WinRAR version,
UNACEV2.DLL can reside either in the WinRAR program folder or in the Formats
subfolder of the WinRAR program folder. Just delete this file manually
and it will prevent such an attack.

Meanwhile we are working on WinRAR 5.70 release.


The download links for WinRAR 5.70 beta 1 and 2 are posted above by silversurfer.

As mentioned above, users who do not want to upgrade to ver5.70 now can just delete the file below manually:

Quote: UNACEV2.DLL file

in the Program Files folder (or in Formats subfolder of WinRAR program folder)

[-] The following 5 users say Thank You to jasonX for this post:
  • darktwilight, dhruv2193, dinosaur07, harlan4096, silversurfer
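
Added example (not part of any post in this thread, and not WinRAR's code): two defender checks matching posts #2 and #5, one that flags files which are ACE archives by content but do not carry an .ace extension, and one that looks for a leftover UNACEV2.DLL in the WinRAR program folder or its Formats subfolder. It assumes the standard ACE signature `**ACE**` at byte offset 7 (a format fact not stated in the thread), so self-extracting ACE archives are not covered; all function names and sample files are hypothetical.

```python
import os
import tempfile
ACE_MAGIC = b"**ACE**"  # signature inside the ACE main header
ACE_OFFSET = 7          # after CRC16 (2), header size (2), type (1), flags (2)

def is_ace(path):
    """True if the file content carries an ACE main header at the start."""
    with open(path, "rb") as fh:
        head = fh.read(ACE_OFFSET + len(ACE_MAGIC))
    return head[ACE_OFFSET:] == ACE_MAGIC

def find_disguised_ace(root):
    """ACE-by-content files whose extension is not .ace (e.g. renamed to .rar)."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                if not name.lower().endswith(".ace") and is_ace(full):
                    hits.append(full)
            except OSError:
                continue  # unreadable file, skip it
    return sorted(hits)

def find_unacev2(winrar_dir):
    """UNACEV2.DLL in the WinRAR program folder or its Formats subfolder."""
    found = []
    for folder in (winrar_dir, os.path.join(winrar_dir, "Formats")):
        if os.path.isdir(folder):
            found += [os.path.join(folder, n) for n in os.listdir(folder)
                      if n.lower() == "unacev2.dll"]
    return found

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        samples = {  # constructed placeholder bytes, not real archives
            "inbox/invoice.rar": b"\x00" * 7 + ACE_MAGIC + b"\x00" * 8,  # ACE header, .rar name
            "inbox/backup.ace": b"\x00" * 7 + ACE_MAGIC,                 # honest .ace name
            "inbox/photos.rar": b"Rar!\x1a\x07\x00" + b"\x00" * 8,       # RAR signature
            "WinRAR/Formats/UNACEV2.DLL": b"placeholder",
        }
        for rel, data in samples.items():
            path = os.path.join(tmp, *rel.split("/"))
            os.makedirs(os.path.dirname(path), exist_ok=True)
            with open(path, "wb") as fh:
                fh.write(data)
        disguised = [os.path.basename(p) for p in find_disguised_ace(os.path.join(tmp, "inbox"))]
        dlls = [os.path.relpath(p, tmp) for p in find_unacev2(os.path.join(tmp, "WinRAR"))]
        return disguised, dlls
```

Calling `demo()` runs both checks over the constructed tree; on a real machine, pass your own download folder and WinRAR install path to `find_disguised_ace` and `find_unacev2`.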
#6
WinRAR 5.70 is out; see below (from silversurfer):

Post#3
https://www.geeks.fyi/showthread.php?tid=88&highlight=WinRAR

The "UNACEV2.DLL file" as well as "ACE support" have been removed completely (as informed by the WinRAR developer).
[-] The following 3 users say Thank You to jasonX for this post:
  • darktwilight, harlan4096, silversurfer
#7
A truly informative review of WinRAR 5.70 will be posted soon in the reviews section. Watch out for it soon!
[-] The following 2 users say Thank You to jasonX for this post:
  • harlan4096, silversurfer