Cryptocurrency holders warned about WinRAR vulnerability.

Journalist Colin Wu warned cryptocurrency holders about the potential risk of losing funds due to a discovered critical vulnerability in the popular archiver WinRAR.

\n

“The problem arises due to the absence of proper validation of user data when processing recovery volumes, which could lead to memory access beyond the allocated buffer,” the vulnerability bulletin says.

\n

The identified bug allowed attackers to remotely run malicious code on a live system, provided the user opened a specially crafted RAR archive.

\n

“Cryptocurrency holders are advised to exercise caution with updates and financial risks, and to remember that the ‘WinRAR vulnerability detection tool’ may be a malicious phishing program,” Colin Wu wrote.

\n

The vulnerability was first discovered on June 8. In the new version of the program, it has been fully addressed.

\n\n\n

Earlier ForkLog reported that hackers from Russia used WinRAR to destroy data in attacks on Ukraine’s government agencies.

\n