Embed Notice

HTML Code

<blockquote style="position: relative; padding-left: 55px;"><section><a href="https://varishangout.net/objects/4b3f3b48-c3a2-4b05-90d9-623fa365f45e">DarkMahesvara (darkmahesvara@varishangout.net)'s status on Saturday, 19-Aug-2023 12:50:07 JST</a><a href="https://varishangout.net/users/DarkMahesvara" title="darkmahesvara@varishangout.net"><img src="https://gnusocial.jp/avatar/529-48-20220722154503.webp" width="48" height="48" alt="DarkMahesvara" style="position: absolute; left: 0; top: 0;">DarkMahesvara</a></section><article>"The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened."<br><br><a href="https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/">https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/</a><br><br>exploits in archive, image and video files/tools are rare but its still a good idea to only use them inside of a sandbox like flatpak/bubblewrap or firejail to minimize the risk.</article><footer><a rel="bookmark" href="https://gnusocial.jp/conversation/1964604#notice-3857401">In conversation</a><time datetime="2023-08-19T12:50:07+09:00" title="Saturday, 19-Aug-2023 12:50:07 JST">about a year ago</time> <span>from <span><a href="https://varishangout.net/objects/4b3f3b48-c3a2-4b05-90d9-623fa365f45e" rel="external" title="Sent from varishangout.net via ActivityPub">varishangout.net</a></span></span><a href="https://varishangout.net/objects/4b3f3b48-c3a2-4b05-90d9-623fa365f45e">permalink</a><h4>Attachments</h4><ol><li><article><header><div>Domain not in remote thumbnail source whitelist: www.bleepstatic.com</div><h5><a href="https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/">WinRAR flaw lets hackers run programs when you open RAR archives</a></h5><div> from <span>@BleepinComputer</span></div></header><div>A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.</div><footer></footer></article></li></ol></footer></blockquote>

Corresponding Notice

Embed this notice
DarkMahesvara (darkmahesvara@varishangout.net)'s status on Saturday, 19-Aug-2023 12:50:07 JST DarkMahesvara
"The flaw is tracked as CVE-2023-40477 and could give remote attackers arbitrary code execution on the target system after a specially crafted RAR file is opened."

https://www.bleepingcomputer.com/news/security/winrar-flaw-lets-hackers-run-programs-when-you-open-rar-archives/

exploits in archive, image and video files/tools are rare but its still a good idea to only use them inside of a sandbox like flatpak/bubblewrap or firejail to minimize the risk.
In conversationabout a year ago from varishangout.netpermalink
Attachments
1. Domain not in remote thumbnail source whitelist: www.bleepstatic.com
  WinRAR flaw lets hackers run programs when you open RAR archives
  from @BleepinComputer
  A high-severity vulnerability has been fixed in WinRAR, the popular file archiver utility for Windows used by millions, that can execute commands on a computer simply by opening an archive.

Public

Embed Notice

HTML Code

Corresponding Notice