all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

WinRAR's latest release fixes a dangerous RCE security vulnerability

Add to bookmarks
Aug. 21, 2023, 1:41 p.m. | Alfonso Maruccia

TechSpot www.techspot.com


Zero Day Initiative (ZDI) recently discovered a high-severity vulnerability in WinRAR, the Windows-only application developed by Eugene Roshal for managing RAR archives. Tracked as CVE-2023-40477, the bug is described as an improper validation of array index while processing recovery volumes. In the worst-case scenario, the flaw could be exploited to...

Read Entire Article

application archives array bug case cve exploited fixes flaw high initiative latest rar rce recovery release scenario security security vulnerability severity validation vulnerability windows winrar zdi zero day initiative

Visit resource

More from www.techspot.com / TechSpot

BASIC's 60th anniversary reminds us of the language that democratized programming, as AI threatens to … 18 hours ago | www.techspot.com
anniversary automate basic coding +11
Nvidia RTX 4090 can crack complex 8-character passwords in minutes 20 hours ago | www.techspot.com
algorithms bcrypt can crack +18
Nvidia thinks its GPUs are better for onboard AI than NPUs 1 day, 10 hours ago | www.techspot.com
applications card companies earnings +16
Devious "Brokewell" trojan masquerades as Chrome browser update to steal your banking data 1 day, 18 hours ago | www.techspot.com
banking brokewell browser chrome +16
Google flexes security muscle, says it stopped 2.28 million rogue apps from hitting Play Store … 1 day, 23 hours ago | www.techspot.com
apps defenses developer google +16
UK becomes first country to outlaw easily guessable default passwords on connected devices 3 days, 1 hour ago | www.techspot.com
act and telecommunications article connected +17
WordPress plugin vulnerability poses severe security risk, allows for site takeovers 3 days, 20 hours ago | www.techspot.com
automatic compromised customers exploiting +17
FTC accuses Jeff Bezos and Amazon CEO Jassy of using auto-deleting messages to obstruct antitrust … 3 days, 21 hours ago | www.techspot.com
amazon antitrust app april +18
Millions of devices still vulnerable to abandoned USB worm, continues to spread globally 3 days, 21 hours ago | www.techspot.com
connected copy devices drive +11

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

SITEC- Systems Security Administrator- Camp HM Smith

@ Peraton | Camp H.M. Smith, HI, United States
View on infosec-jobs.com

Cyberspace Intelligence Analyst

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com

General Manager, Cybersecurity, Google Public Sector

@ Google | Virginia, USA; United States
View on infosec-jobs.com

Cyber Security Advisor

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com

Engineering Team Manager – Security Controls

@ H&M Group | Stockholm, Sweden
View on infosec-jobs.com
View more jobs