Is NewsLeecher also affected with the winrar security vulnerability?

Post your questions here if you need help to use NewsLeecher or if you have a question about a feature.

Post Reply
playbook
Posts: 1
Joined: Fri Feb 22, 2019 1:47 am

Is NewsLeecher also affected with the winrar security vulnerability?

Post by playbook » Fri Feb 22, 2019 1:57 am

Hello. I just learned that winrar has a 19 year old security vulnerability that allows hackers the ability automatically run code upon extraction of a .rar file.

As reported here https://research.checkpoint.com/extract ... om-winrar/

or via a less technical news story here http://worldlingnews.com/winrar-patched ... ulnerable/

My question, is NewsLeecher 7 also affected by this vulnerabilty?

How exactly does NewsLeecher automatically extract .rar files, does it use winrar that is installed on the PC, or does it use its own (non-winrar) tools?

I noticed there is a unrar.dll within the newsleecher install folder, is that what is used by Newsleecher to extract rar files?

If so does it share the same vulnerability discovered in winrar?

Thanks in advance for your answers.

psypher
Posts: 19
Joined: Sun Nov 18, 2007 11:03 pm

Re: Is NewsLeecher also affected with the winrar security vulnerability?

Post by psypher » Sun Mar 24, 2019 2:52 pm

Correction. It's just the main software UI from Winrar which handles ACE archives which is affected. NL just uses the library for RAR archives. So if you use the actual WinRAR software for other things, you should update it to the latest version, 5.70

Who is online

Users browsing this forum: No registered users and 7 guests