Researchers have discovered a malspam campaign that is distributing a malicious RAR archive that may be the first one to exploit the newly discovered WinRAR ACE vulnerability to install malware on a computer. Last week, Checkpoint disclosed a 19-year-old vulnerability in the WinRAR UNACEV2.DLL library that allows a specially crafted ACE archive to extract a file to the Window Startup folder when it is extracted. This allows the executable to gain persistence and launch automatically when the user next logs in to Windows. As the developers of WinRAR no longer have access to the source code for the vulnerable UNACEV2.DLL library, instead of fixing the bug, they removed the DLL and ACE support from the latest version of WinRAR 5.70 beta 1.  While this fixes the vulnerability, it also removes all ACE support from WinRAR. Unfortunately, this does not help the approximately 500 million users who allegedly have WinRAR installed on their computers and that is exactly what malware developers are banking on. Today, 360 Threat Intelligence Center tweeted that they have discovered an email that was distributing a RAR archive that when extracted will infect a computer with a backdoor. Once the DLL is loaded, the attackers will be able to access your computer remotely, execute commands, and spread to other computers on your network. As we expect to see more malware attempt to exploit this vulnerability, whether it be through malspam or other methods, it is important that you upgrade to the latest version of WinRAR. There's more posted on OUR FORUM.

40.8% of smart homes have at least one device vulnerable to remote attacks, a third of them being vulnerable because of outdated software with unpatched security issues, while more than two-thirds are exposed by weak credentials. The security exposure risk is quite significant considering that roughly 40.3% of all smart households come with at least five devices connected to the Internet. As discovered by Avast, out of all devices exposed directly to the Internet, routers are the ones most targeted because they're the ones which act as a central hub for all other Internet-connected electronics in smart homes. Avast says in their report that "a router that is vulnerable to attack poses a risk for the whole home, much like leaving your front door unlocked. Cybercriminals can redirect compromised routers to access exactly what they want, including phones, computers or any other connected device." "It only takes one weak device to let in a bad hacker and once they are on the network, they can access other devices, and the personal data they stream or store, including live videos and voice recordings," said Avast President Ondrej Vlcek. "Simple security steps like setting strong, unique passwords and two-factor authentication for all device access, and ensuring software patches and firmware updates are applied when available, will significantly improve digital home integrity. Complete details posted on OUR FORUM.