OVERVIEW

WinRAR is a trialware file archiver utility for Windows which can create and view archives in RAR or ZIP file formats and unpack numerous archive file formats.

Description and Consequences

According to the WinRAR website, over 500 million users worldwide make WinRAR the world’s most popular compression tool. While a patched version, 5.70, was released on February 26, attackers are releasing exploits in an effort to reach vulnerable systems before they can be patched. When a vulnerable version of WinRAR is used to extract the contents of a malicious archive, a malicious payload is created in the Startup folder behind the scenes. User Account Control (UAC) does not apply, so no alert is displayed to the user. The next time the system restarts, the malware is run.
The issue is classified as a race condition flaw that could be exploited by an attacker to access the guest virtual machine to escalate privileges.
RDP is a protocol on Windows operating systems that allows remote access to and control of the operating system. It is usually used by system administrators to remotely control computers running Windows. The SMB protocol, by contrast, is commonly used by servers to communicate with computers on a domain, and by computers to share files, printers and so on over a network.
The vulnerabilities found in the DIR-865L model of D-Link routers increase the likelihood of a malicious attack that runs arbitrary commands that could lead to a denial of service, sniffs web traffic and uses the session information to gain access to password-protected portions of the website without knowing the password, and conducts CSRF attacks.
The following vulnerabilities have been discovered in D-Link home routers.
Multiple security vulnerabilities in VMware ESXi, Workstation, Fusion, VMRC and Horizon Client were privately reported to VMware. VMware Fusion, VMRC, ESXi, and Horizon Client contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOC/TOU) bug that still makes it possible for an attacker with low permissions to execute arbitrary code with root privileges. VMware has evaluated the severity of this issue to be in the important severity range with a maximum CVSSv3 base score of 7.3.