Go to the Softpedia homepage


NEWS CATEGORIES:



NEWS ARCHIVE >>
SOFTPEDIA REVIEWS >>
Home / News / Security / Virus alerts

Virus alerts

WinRar Trojan on the Loose

The Trojan horse was detected on October 10

By Marius Oiaga, Technology News Editor

11th of October 2006, 13:48 GMT

Adjust text size:


The solution is simple. WinRar users should immediately upgrade to version 3.61 of the archiving software, if they haven't done this already. This because all prior versions are vulnerable. According to
Symantec Security Response, Trojan.Radropper has been detected in the wild, although the Cupertino based security company has associated the malicious software with a low threat level. Trojan.Radropper was designed to exploit RARLAB WinRAR LHA Filename Handling Buffer Overflow Vulnerability existent in WinRar versions prior to build 3.61.

"The attack was email based and was executed when an email with a RAR archive attachment was sent to a user. Once the archive was opened, the RAR file would drop a file, which is detected as Backdoor.Trojan, onto the user's computer. This threat is considered a very low risk at this time, due to the fact that it was used in a targeted attack. Additionally, the vulnerability exploited here is not new and a patch is already available. However, if you are using WinRAR, I fully advise you to patch the software as soon as possible," stated Joji Hamada from Symantec Security Response.


Rating:
Good (3.7/5) 9 vote(s) so far    

Read by 0 user(s) | Add comment | Link to this article
Subscribe to news | Print article | Send to friend

© Copyright 2001-2008 Softpedia
Contact:

 

 

SEARCH THE NEWS ARCHIVE :




Today's News | Yesterday's News | News Archive


MORE RELATED ARTICLES:


New IE Zero-Day Attack Emerges

Symantec Launches the Research Labs Graduate Fellowship Program

Dell and Symantec to Further Their Partnership

Dell and Symantec to Control Out-of-Control Email

Symantec Attacks Windows Vista's Security Features

Symantec Finds Firms Recognize Importance of Application Security, Yet Lack Commitment in Development Process

Symantec Predicts Windows Vista to Be a Security Liability

2,249 New Vulnerabilities in the First Half of 2006

Symantec Announces NERC CIP Compliance Solution for Electric Utilities

Symantec Introduces Security 2.0

User opinions:

No user comments yet.
Be the first to express your opinion using the form below!

Share your opinion:

Your Name:
Your Email Address:
(will not be used for commercial purposes)
Solve this to prove you're not a bot: =
Your review/opinion:

 






SUBMIT PROGRAM   |   ADVERTISE   |   GET HELP   |   SEND US FEEDBACK   |   RSS FEEDS   |   ENTER NEWS SITE   |   ENGLISH BOARD   |   ROMANIAN FORUM
© 2001 - 2008 Softpedia. All rights reserved.
Softpedia™ and the Softpedia™ logo are registered trademarks of SoftNews NET SRL.		 Copyright Information | Privacy Policy | Terms of Use | Update your software | Archive