Google provides a detailed analysis of the vulnerability in the blog post. In other words: WinRAR users have not updated the archiving software to version 6.23 or newer since the release in August 2023. While a patch is available, Google notes that "many users still seem to be vulnerable". First exploits of the issue began in early 2023, a time when anti-malware services and the maker of WinRAR were unaware of the vulnerability. Google discovered that multiple government-backed hacking groups are exploiting the WinRAR's CVE-2023-38831 vulnerability in recent weeks. Google's report on the WinRAR vulnerability WinRAR users can patch the issue by downloading and installing the latest version, which is WinRAR 6.24 at the time of writing. It allowed malicious actors to run code on devices on successful exploitation of the vulnerability.Īll it requires is that users open a specially crafted WinRAR archive on their devices. We published information about the WinRAR update that addressed the issue in August when it first came out.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |