• New WinRAR malware exploit discovered
    49 replies, posted
https://thehackernews.com/2019/02/winrar-malware-exploit.html https://www.youtube.com/embed/R2qcBWJzHMo "Beware Windows users... a new dangerous remote code execution vulnerability has been discovered in the WinRAR software, affecting hundreds of millions of users worldwide. Cybersecurity researchers at Check Point have disclosed technical details of a critical vulnerability in WinRAR—a popular Windows file compression application with 500 million users worldwide—that affects all versions of the software released in last 19 years." "Since the WinRAR team had lost source code of the UNACEV2.dll library in 2005, it decided to drop UNACEV2.dll from their package to fix the issue and released WINRar version 5.70 beta 1 that doesn't support the ACE format. Windows users are advised to install the latest version of WinRAR as soon as possible and avoid opening files received from unknown sources."
7zip reigns supreme as always
don't need to remind you something similar with 7z happened around last year iirc
don't forget to purchase winrar license guys
But they're open source and can actually fix issues when that crop up
Anyone who uses WinRAR in 2019 is a monster...
Not too surprised, archival programs have had path traversal vulnerabilities since the beginning of time and some even still allow absolute and relative path traversal in their specification.
This is what happens when people don't buy WinRAR.
i would purchase a winrar license if ricardo told me to
look i tried 7zip 2 years ago but it couldn't open some obscure compressed file while winrar unzipped it flawlessly
I actually did.
What file extension/algo was that? I'm sorry you can't join us in the future
If it aint broke dude. Had no problems with it in the past at all so why would I change? Never got the mentality of changing to the newest thing just because it was new.
Simmer down hotshot, it's a joke.
Does Winrar still popup asking you to buy it each time? That's why I switched to 7zip.
Last time I checked it still does, but I started with 7z from the start.
Pretty minor inconvenience all things considered.
I remember having WinRAR and 7zip at the same time a few years ago, but some files 7zip couldn't open and WinRAR did, so I stuck with that. Is it worth switching to 7zip instead of getting the WinRAR beta?
Forgive me for not being able to understand a reasonable position as a joke through text.
so i can either have a minor inconvenience or no inconvenience
There's also the issues 2 people have confirmed of not being able to open specific files that Winrar was able to. I find that more inconvenient personally.
That's fair. In that case I would also download WinRar for those specific files and then use 7zip for literally everything else.
I just use both. There are still times where 7zip just doesn't work for certain archives. Sometimes 7zip opens things winrar doesn't. So its just handy to have both.
Clearly you peasants haven't used the clearly superior IZARC.
The worst part is that a lot of archives are put together in a way that can ONLY be handled by winrar. But that's not really the fault of 7zip or peazip (what I use,) it's winrar's fault for being closed-source proprietary bullshit.
is it a coincidence that this was due to Rar files?
I never "open" winrar, i just use the right-click context menu in explorer. (Which is much faster anyways) So i never see the popup.
Winrar is so great that it tells you a hilarious joke each time you use it
If we're going with anecdotes about opening files, I had quite a few issues with WinRAR not unzipping archives properly and spitting out corrupted results that were fixed upon switching to 7zip, and haven't encountered issues since, plus not being inconvenienced by "buy now!" prompts every time I just want to unzip something.
It took a year of using 7zip to train the instinctive wait for the notification to come up and click it away behaviour that had been ingrained into me.
Sorry, you need to Log In to post a reply to this thread.