WinRAR flaw... by John Gruener

WinRAR flaw [General]

By: John Gruener Orlando, Florida
Date: Aug 19,2023 at 01:00
In Response to: [General] WinRAR flaw lets hackers run programs when you open RAR archives (Paul Laufer)

> WinRAR flaw lets hackers run programs when you open RAR archives
>
> https://www.bleepingcomputer.com/news/se...-programs-when-you-open-rar-archives/
>
> I have these files in my Ztree folder...
>
> unrar.dll 267,992 .a.. 5-23-23 12:28:50 pm
> Version: 5.71.0 [5.71.100.3045]
>
> unrar64.dll 320,728 .a.. 5-23-23 12:28:50 pm
> Version: 5.71.0 [5.71.100.3045]
>
> Should I be worried?

Paul,

You need not be worried unless you open RAR files that come from questionable sources.

The DLL versions you have are supplied by Kim in his updates. The dates of those files are actually 4-27-19 (not 5-23-23).

As noted by BleepingComputer, the current version which fixes the flaw is 6.23.0. I expect Kim will provide the updated versions in his next Zeta.

Meanwhile, if you are still concerned, you can download the UnRARDLL.exe package here:
https://www.rarlab.com/rar/UnRARDLL.exe
extract those two files from that, and replace them in your ZTree directory.

- John

179 views

Post a Response

Messages in this Thread

[General] WinRAR flaw lets hackers run programs when you open RAR archives (178) - Paul Laufer - Aug 18,2023 at 21:15 [General]
- WinRAR flaw (179) - John Gruener - Aug 19,2023 at 01:00
  - WinRAR flaw (154) - John Leslie - Aug 20,2023 at 14:02
- Statement from RARLAB (134) - Matthias Kring - Aug 29,2023 at 11:22