A recently discovered security vulnerability, known as a 0-day exploit, is being targeted with poisoned JPG and TXT files. The exploit was first discovered in April and has the potential to negatively impact users of the popular WinRAR file archiver.
The exploit works by exploiting a buffer overflow vulnerability in WinRAR, a program commonly used to compress and decompress files such as pictures, documents, and archives. By sending a maliciously crafted file containing a specially crafted JPG image or TXT text file, an attacker can gain the ability to run arbitrary code on the affected system.
The vulnerability is rated as “high” severity due to its ability to remotely compromise the victim’s system. It works against all supported versions of WinRAR, which includes 5.50, 5.61, and 5.70, meaning that millions of users could potentially be impacted. Unfortunately, there are currently no fixes or workarounds available for this exploit.
The exploit was first discovered by security researcher Oren Hafif and reported to WinRAR. In response, WinRAR issued an advisory noting that the vulnerability was patched in an update to the software released in January 2021. In addition, they advised users to update their WinRAR programs to the latest version to protect against the exploit.
The exploit has potential to become a major issue for WinRAR users if it isn’t addressed quickly. Although the exploit was patched in January, there is no telling how widely this exploit has been used or could be used in the future. Given that this is an 0-day exploit, it is likely that attackers have had the capability to exploit this vulnerability for months.
For this reason, it is important for WinRAR users to update to the latest version as soon as possible. Users should also be aware of the potential dangers posed by maliciously crafted JPG and TXT files contained in archives or attachments they receive. By taking these precautionary steps, users can help protect themselves from the WinRAR 0-day exploit.