High-Severity Flaw Found in WinRAR Utility

posted  22 Aug 2023
Photo - High-Severity Flaw Found in WinRAR Utility
A significant security vulnerability has been identified in the WinRAR utility, potentially allowing threat actors to execute remote code on Windows systems. Dubbed CVE-2023-40477, this flaw arises from improper validation during recovery volume processing.

To take advantage of this, users would need to be tricked into visiting a malicious webpage or opening a compromised archive file.

The flaw, discovered by a researcher named goodbyeselene, was reported on June 8, 2023, and addressed in WinRAR 6.23 on August 2, 2023. Users are urged to update to the latest version for protection.