News

1751 readers

1 users here now

Breaking news and current events worldwide.

founded 1 year ago

WinRAR flaw lets hackers run programs when you open RAR archives (www.bleepingcomputer.com)

submitted 10 months ago by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 1 points 10 months ago (1 children)

How does an unchecked buffer overrun result in dropping to a shell inside the containing process though?

[–] [email protected] 1 points 10 months ago

I'm not super clear on that, and I'm eager to have someone inform/correct me, but here's my understanding:

It's like a crash. The running program tells the system to address memory that is not available to be addressed, and the system goes "Uh, what?" and drops into a state where it has stopped following the code from the initial thread (which I am sure is not the right terminology) and waits blankly for new code to be received.

Then the still running-but-"hung" process delivers that "arbitrary code," and the system dutifully executes it.