User interaction is required to exploit this vulnerability. Attackers could utilize affected archives to distribute malware. A vulnerability was discovered in the processing of ZIP format. We would like to thank goodbyeselene in collaboration with Trend Micro Zero Day Initiative for reporting this bug.įixed in new WinRAR Beta Version 6.23, released: Ĭritical Bug: CVE-2023-38831. This is fixed in the RAR4 recovery volume processing code. The vulnerability allows remote attackers to execute arbitrary code on affected installations. Previously, they were deleted only on next WinRAR runs and only if they were at least 1 hour old.Ĭritical Bug: CVE-2023-40477. Rar$LS* temporary files, created when extracting or testing multiple archives from the Windows context menu, are now deleted immediately. Endpoint Detection & Response for ServersĪdded extraction of XZ archives utilizing ARM64 filter.
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |