
A severe WinRAR vulnerability discovered by Zero Day Initiative could allow hackers to execute arbitrary code on your PC. Users should install the latest WinRAR update (version 6.23) to patch this vulnerability. Note that WinRAR does not offer automatic updates, so this release must be installed manually.

The vulnerability, which is identified as CVE-2023-40477, allows hackers to execute arbitrary code when a target opens a malicious RAR archive. According to Zero Day Initiative's public warning, "this issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an allocated buffer." RARLAB says that the flaw is located in WinRAR's "recovery volumes processing code," but doesn't elaborate any further.

Because this specific exploit requires user interaction (you must open a malicious archive), it carries a CVSS score of 7.8. It isn't a "critical" vulnerability, but if you're the kind of person who downloads random RAR archives from seedy websites, you should take this very seriously. At the time of writing, there is no evidence that hackers have exploited CVE-2023-40477 in the real world, though this may change now that the vulnerability is public knowledge. For reference, RARLAB and Zero Day Initiative have only revealed the existence of this exploit; they haven't explained exactly how it is performed.

Note that WinRAR has been affected by similar vulnerabilities in the past. The software's lack of automatic updates is ideal for IT departments, but it's proven to be a bit of a headache for average users. The good news is that Microsoft is adding native RAR support to Windows 11, or you can use other third-party software to open .rar files, such as 7-Zip. If you want to test Windows 11's native RAR support today, you must be a Windows Insider.

To patch this vulnerability, download the latest WinRAR release, or check that you have version 6.23 or later. Even if you aren't worried about this specific vulnerability, updating WinRAR will patch previous bugs and exploits. It may also provide some UI improvements, assuming that you haven't updated in several years.
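Because WinRAR does not update itself, the practical check is to find out which version is actually installed and compare it with the fixed release (6.23) named above. The PowerShell script below is an added example, not code from the How-To Geek article or from RARLAB. It assumes the default install paths under Program Files and scans the standard Windows Uninstall registry hives for any entry whose DisplayName starts with "WinRAR", so no exact WinRAR registry key name is assumed; anything older than 6.23, or with an unparsable version string, is reported as needing an update.

```powershell
# Added example (not from the article or RARLAB): report whether the installed
# WinRAR is older than the fixed release (6.23) that patches CVE-2023-40477.
# Assumptions: default install paths under Program Files; the Uninstall
# registry hives below are the standard Windows locations.

$FixedVersion = [version]'6.23'

function Get-WinRarVersions {
    $found = @()

    # 1. File version of WinRAR.exe at the default install locations (assumed paths).
    foreach ($exe in @("$env:ProgramFiles\WinRAR\WinRAR.exe",
                       "${env:ProgramFiles(x86)}\WinRAR\WinRAR.exe")) {
        if (Test-Path -LiteralPath $exe) {
            $found += [pscustomobject]@{
                Source  = $exe
                Version = (Get-Item -LiteralPath $exe).VersionInfo.FileVersion
            }
        }
    }

    # 2. Uninstall entries whose DisplayName starts with "WinRAR" (no fixed key name assumed).
    $hives = @('HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
               'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall')
    foreach ($hive in $hives) {
        Get-ChildItem -Path $hive -ErrorAction SilentlyContinue |
            ForEach-Object { Get-ItemProperty -Path $_.PSPath -ErrorAction SilentlyContinue } |
            Where-Object { $_.DisplayName -like 'WinRAR*' } |
            ForEach-Object {
                $found += [pscustomobject]@{
                    Source  = $_.PSPath
                    Version = $_.DisplayVersion
                }
            }
    }
    return $found
}

function Test-WinRarPatched {
    param([string]$VersionString)
    # $true when the version parses and is 6.23 or later; an unparsable
    # string is treated as unpatched so it is never silently ignored.
    try {
        return ([version]$VersionString) -ge $FixedVersion
    } catch {
        return $false
    }
}

$results = Get-WinRarVersions
if (-not $results) {
    Write-Output 'WinRAR not found in the default locations or Uninstall registry entries.'
} else {
    foreach ($r in $results) {
        $status = if (Test-WinRarPatched $r.Version) { 'OK (6.23 or later)' } else { 'UPDATE REQUIRED' }
        Write-Output ("{0,-18} {1,-10} {2}" -f $status, $r.Version, $r.Source)
    }
}
```

Run it in an elevated PowerShell session on each machine you manage; because WinRAR has no auto-update, the same script can be pushed through your usual management tooling to inventory a whole fleet and list the hosts still running a pre-6.23 build.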

Source: Zero Day Initiative via Bleeping Computer