Source: www.schneier.com – Author: Bruce Schneier
A zero-day vulnerability in WinRAR is being exploited by at least two Russian criminal groups:
The vulnerability seemed to have super Windows powers. It abused alternate data streams, a Windows feature that allows different ways of representing the same file path. The exploit abused that feature to trigger a previously unknown path traversal flaw that caused WinRAR to plant malicious executables in attacker-chosen file paths %TEMP% and %LOCALAPPDATA%, which Windows normally makes off-limits because of their ability to execute code.
More details in the article.
Sidebar photo of Bruce Schneier by Joe MacInnis.
Original Post URL: https://www.schneier.com/blog/archives/2025/08/zero-day-exploit-in-winrar-file.html
Category & Tags: Uncategorized,exploits,malware,Russia,zero-day – Uncategorized,exploits,malware,Russia,zero-day
Views: 3
