The recent vulnerability of the file compression and decompression program, of files and folders, that allows remote code execution, affects billions of users around the world.
Some researchers from Check Point, an entity dedicated to cybersecurity, revealed the detailed data of this WinRAR flaw, an application that currently has more than 500 millions of users worldwide, which affects all versions of the program released in the last 19 years.
This error lies in the altered handling of an old library, under the name UNACEV2.DLL, by WinRAR through software that causes the program to extract compressed files in the ACE format.
Despite this, the WinRAR application detects the format according to the content of the compressed package, not by its extension, so if attackers decide to change the file extension to .rar, they will make the application not detect it.
Según los técnicos de Check Point, encontraron un error “Absolute Path Traversal” lo que permite al atacante ejecutar código y descargar archivos malicioso en tu sistema.
Se recomienda actualizar a la última versión de WinRAR y que no se descompriman archivos que no conocen su fuente.