- Gary McGath, Freelance Technical Writer
Are you looking for expert, reliable writing on computer technology? Drop me a note. - Follow Mad File Format Science on WordPress.com
-
Join 144 other subscribers
-
Recent Posts
RSS feed
File formats, file validation, archival software, and other weird things
Files that Last: Digital Preservation for Everygeek, an e-book to bring the message of digital preservation to the broader geek world.
Mad File Format Science 
Path traversal bugs in archive formats
Malware has shown up which takes advantage of a path traversal bug in the WinRAR archiving utility. The bug, which reportedly existed for 19 years, is fixed in the latest version. The problem stems from an old, buggy DLL which WinRAR used. It allowed the expansion of an archive with a file that would be extracted to an absolute path rather than the destination folder. In this case, the path was the system startup folder. The next time the computer was rebooted, it would run the malware file.
Continue reading →
Comments Off on Path traversal bugs in archive formats
Posted in commentary, News
Tagged security, software, WinRAR