all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Serious RCE Bug Fixed in WinRAR

Add to bookmarks
Aug. 29, 2023, 1:50 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Researchers are encouraging organizations to update their installations of the WinRAR utility as soon as possible after the disclosure of a serious vulnerability that could allow an attacker to execute remote code.


The flaw is an out-of-bounds write in some versions of WinRAR, and although it can lead to remote code execution, it requires user interaction for the exploit to work, which mitigates the risk somewhat.


“This vulnerability allows remote attackers to execute arbitrary code on affected installations of RARLAB …

bug code code execution disclosure execute remote code flaw organizations out-of-bounds out-of-bounds write rce remote code remote code execution researchers serious update utility vulnerability winrar

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Ransomware attacks fewer but more aggressive: What to do 2 hours ago | malware.news
article attacks link media +4
Why Reddit's new content policy is a big win for user privacy 2 hours ago | malware.news
article big changing companies +13
Feds, military personnel compete in President's Cyber Cup Challenge 2 hours ago | malware.news
agency article can career +20
A new alert system from CISA seems to be effective — now we just need … 2 hours ago | malware.news
alert challenges cisa companies +10
Next Gen Threats, CTEM Essentials, & Proactive MDR - Randy Watkins, Paul Reid, Zaira Pirzada … 3 hours ago | malware.news
amp article ctem gen +8
NSA: State-backed attackers are not after your data — they're targeting CI 3 hours ago | malware.news
advanced advanced persistent threat agency apt +21
CVE-2024-21115: An Oracle VirtualBox LPE Used to Win Pwn2Own 3 hours ago | malware.news
april blog bug can +17
Cybersecurity incident impacts operations at Ascension hospitals 4 hours ago | malware.news
article ascension cybersecurity cybersecurity incident +15
BTS #29 - Supply Chains, Firmware, And Patching - Jason Kikta 4 hours ago | malware.news
attacks challenges current defending +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Corporate Security Specialist - 2nd shift (12pm-8pm)

@ Perrigo Company | Grand Rapids, MI, US, 49503
View on infosec-jobs.com

Lead Engineer, Network Security -Network

@ Singtel | Singapore, Singapore
View on infosec-jobs.com

DevSecOps Engineer

@ Moveworks | Remote, USA
View on infosec-jobs.com

Systems Engineer - Cyber Security

@ Penske | Tampa, FL, United States
View on infosec-jobs.com

(Senior) Security Analyst (m/f/x)

@ REWE International Dienstleistungsgesellschaft m.b.H | Wiener Neudorf, Austria
View on infosec-jobs.com

Tier 3 Analyst- Red Team

@ Resource Management Concepts, Inc. | Quantico, Virginia, United States
View on infosec-jobs.com
View more jobs