Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • +2 person also asked this people also asked this
  • Locked Locked
  • Replies 3 replies
  • Subscribers 12 subscribers
  • Views 1367 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Detection & Prevention for CVE-2018-20250 (WinRAR)

Clayton Dillard

We're looking for information on Sophos' ability to detect and prevent exploits of CVE-2018-20250 for WinRAR, which are actively being seen in the wild.  Any feedback would be awesome!



This thread was automatically locked due to age.
Parents
  • 0

    Hi  

    I will be contacting our team and will get back to you when I hear from them. Also, do you use ACE archives in your environment? This vulnerability can be exploited when WinRAR uses "unacev2.dll" library to parse ACE archives. If you do not use ACE archives, then you should update to the latest (Beta) version of WinRAR as they have dropped support for ACE file formats.  

Reply
  • 0

    Hi  

    I will be contacting our team and will get back to you when I hear from them. Also, do you use ACE archives in your environment? This vulnerability can be exploited when WinRAR uses "unacev2.dll" library to parse ACE archives. If you do not use ACE archives, then you should update to the latest (Beta) version of WinRAR as they have dropped support for ACE file formats.  

Children
Unfiltered HTML
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?