The WinRAR flaw is not really a flaw, Malwarebytes apologizes

Security firm Malwarebytes recently unveiled a vulnerability in WinRAR, the popular compression program which, according to the firm, has put millions of its users at risk.

The program's developers, RARLab, shrugged it off saying it's not really a vulnerability. It turns out they were right, and Malwarebytes apologized for its mistakes.

As it turns out this vulnerability is more an attack vector that only works with the users’ cooperation, Malwarebytes wrote. “The vulnerability was fixed by Microsoft in November of 2014.”

RARLab’s response to the matter was that without this patch, every software utilizing MS Internet Explorer components including Internet Explorer itself can be vulnerable.

“The entire attack is based on vulnerabilities in Windows OLE MS14-064 patched in November 2014. System installed the patch are safe. System without patch must install it. Without this patch every software utilizing MS Internet Explorer components including Internet Explorer itself can be vulnerable to specially crafted HTML page allowing code execution. WinRAR SFX module displays HTML in start dialog, so it is affected too, but components of Internet Explorer are used in a huge number of different tools, not just in WinRAR SFX archives,” it wrote.

Malwarebytes apologized for its mistakes, saying that it takes too much user cooperation to be considered malware.

“I would like to apologize to WinRar as this is not a vulnerability in their software. It takes too much user cooperation and even then it does not run the resulting code in an elevated manner.”