WinRAR News and Updates

[Bapun]

WinRAR 5.00 Beta 2 (32-bit)

# When adding an incompressible file to non-solid RAR archive, beta 1 could duplicate the first megabyte of archived file, resulting in damaged file.
# "Add to archive..." context menu command could place a created archive to a wrong folder.

Download WinRAR 5.00 Beta 2 (32-bit) - FileHippo.com

 

[Karthik]

WinRAR 5.00 Beta 4 (32-bit)

Download WinRAR 5.00 Beta 4 (32-bit) - Download - FileHippo.com

 

[Kuttusan]

WinRAR 0-day that uses poisoned JPG and TXT files under exploit since April

Vulnerability allows hackers to execute malicious code when targets open malicious ZIP files.

arstechnica.com

 

[Bapun]

In recent weeks, Google’s Threat Analysis Group’s (TAG) has observed multiple government-backed hacking groups exploiting the known vulnerability, CVE-2023-38831, in WinRAR, which is a popular file archiver tool for Windows. Cybercrime groups began exploiting the vulnerability in early 2023, when the bug was still unknown to defenders.

Government-backed actors exploiting WinRAR vulnerability

Google's Threat Analysis Group analyzes recent state-sponsored campaigns exploiting the WinRAR vulnerability, CVE-2023-38831.

blog.google

 

[Bapun]

https://twitter.com/x/status/1840770754066956399