Shulou(Shulou.com)11/24 Report--

CTOnews.com August 24 news, following Zero Day Initiative (ZDI), the security company Group-IB released a blog post yesterday, revealing a zero-day vulnerability in WinRAR compression software CVE-2023-38831, which has been fixed in version 6.23.

ZDI previously exposed zero-day vulnerability tracking number CVE-2023-40477 CVSS score of 7.8 (a total score of 10, the higher the score means more destructive), hackers can use this vulnerability to create RAR files, once the victim decompresses the file, the system will be infected, hackers can remotely execute arbitrary code.

The zero-day vulnerability in CVE-2023-38831 exposed by Group-IB today dates back to April this year, and there is evidence that malware families such as DarkMe,GuLoader and Remcos RAT have exploited this vulnerability for distribution.

It is reported that attackers use this vulnerability to create malicious .RAR and .ZIP compressed files that contain seemingly harmless files such as JPG (.jpg) images, text files (.txt) or PDF (.pdf) documents.

Once users unzip these files, they will install malware on the device through script. current findings show that at least 130 devices have been infected and that the damage cannot be confirmed.

CTOnews.com is attached to the original report, interested users can read in depth, it is recommended to use WinRAR users to upgrade as soon as possible to avoid being affected by the problem, download address: https://www.win-rar.com/download.html.

Related readings:

"Please upgrade WinRAR to version 6.23 and later as soon as possible. The new vulnerability can execute arbitrary code remotely."

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.