DESCRIPTION:
Researchers have discovered a security vulnerability in WinRAR (CVE-2023-38831). Due to improper handling of ZIP files, attackers can create malicious ZIP or RAR archives that contain normal files and a folder with a malicious executable file with the same name. When the victim is tricked into opening the normal file, the malicious executable file in the same-named folder will be triggered to execute, resulting in arbitrary code execution. Relevant research suggests that the vulnerability was exploited by hackers as early as April 2023.
AFFECTED RELEASES:
WinRAR version 6.22 and below
SOLUTION:
To update WinRAR to version 6.23 or later, follow these steps:
1. Open WinRAR.
2. Click Help > About WinRAR > Homepage.
3. Go to the homepage and download the WinRAR 6.23 or later version to replace the existing version.
REFERENCE:
1. https://nvd.nist.gov/vuln/detail/CVE-2023-38831
2. https://www.ithome.com.tw/news/158421
3. https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/
4. https://rahadchowdhury.medium.com/cve-2023-38831-winrar-zero-day-vulnerability-manually-exploit-45e5a5a504d