![]() ![]() The unpatched version of UNACEV2.DLL can create a loophole where an executable file compressed using the ACE archive format can be extracted to the system’s Startup folder. The “Absolute Path Traversal” vulnerability was discovered in the support file named UNACEV2.DLL that comes in all WinRar install. Winrar had a vulnerability under CVE-2018-20250, it was fixed with Winrar 5.70 beta 1. That is exactly what happened with Winrar users who deliberately disabled auto-updates. It is unfortunate that many users are starting to avoid auto-updates for their software altogether in order to prevent the hassles of restarting the computer and interrupt their workflow. Just like the operating system itself, application software needs to be updated regularly in order to prevent the possibility of fixed security vulnerability from being taken advantage of by 3rd parties. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |