Update WinRAR tools now: RomCom and others exploiting zero-day vulnerability

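ESET Research discovered a zero-day vulnerability in WinRAR being exploited in the wild in the guise of job application documents; the weaponized archives exploited a path traversal flaw to compromise their targets.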

Source: WeLiveSecurity (Malware)

ESET researchers have discovered a previously unknown vulnerability in WinRAR that is being exploited in the wild by the Russia-aligned group RomCom. This is at least the third time RomCom has been caught exploiting a zero-day vulnerability in the wild. Previous examples include the abuse of CVE-2023-36884 via Microsoft Word in June 2023, and the combined vulnerabilities assigned CVE-2024-9680 chained with another previously unknown vulnerability in Windows, CVE-2024-49039, targeting vulnerable versions of Firefox, Thunderbird, and the Tor Browser, leading to arbitrary code execution in the context of the logged-in user in October 2024.

Key points of this blog post:

  • If you use WinRAR or other affected components, such as the Windows versions of its command-line utilities, unrar.dll, or the portable UnRAR source code, upgrade immediately to the latest version.
  • On July 18th, 2025, ESET researchers discovered a previously unknown zero-day vulnerability in WinRAR, now assigned CVE-2025-8088: a path traversal vulnerability made possible by the use of alternate data streams. After immediate notification, WinRAR released a patched version on July 30th, 2025.
  • The vulnerability allows hiding malicious files in an archive, which are silently deployed when extracting.
  • Successful exploitation attempts delivered various backdoors used by the RomCom group, specifically a SnipBot variant, RustyClaw, and Mythic agent.
  • This campaign targeted financial, manufacturing, defense, and logistics companies in Europe and Canada.
