• ACE format unpacker vulnerability – WinRAR and others

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » ACE format unpacker vulnerability – WinRAR and others

    Tags:

    Author
    Topic
    mn–
    AskWoody Lounger
    February 21, 2019 at 4:00 am #329924

    So, the unacev2.dll ACE unpacker vulnerability.

    This thing seems to have made the news and not in a nice way either. Also misleading since these typically ONLY mention WinRAR and not, say, PeaZip and all the others. Who knows how common that thing really is…?

    I certainly hope that the various antimalware tools that can scan inside .ace files aren’t vulnerable to this.

    https://research.checkpoint.com/extracting-code-execution-from-winrar/ says the vulnerability seems to exist in the open source (Linux and others) “unace-nonfree” package too, with a source code fragment shown and all (since it’s open source).

    Well, the open source library might get a fix but since it’s a nonfree one, the fix may not be redistributable.

    There’s a fully open-source and free (BSD license) unpacker for these that should be more robust, at https://pypi.org/project/acefile/ … which might in the short term become the recommended tool to use for extracting content from .ace archives, then?

    Long term, should convert any data so stored into other formats.

    Reply | Quote
    Viewing 4 reply threads
    Author
    Replies
    • joep517
      AskWoody MVP
      February 21, 2019 at 9:24 am #329975

      According to WinRAR changelog the ability to unpack rhe ACE format has been removed in version 5.0 beta 1. Yes, it is BETA but WinRAR has a long history of having beta software in the wild for an extended period.

      If you know of a better library perhaps you should contact the WinRAR developers.

      --Joe

      1 user thanked author for this post.
      Thomas
      Reply | Quote
      • mn–
        AskWoody Lounger
        February 21, 2019 at 10:43 am #330013

        Well yeah, I’m sure if someone really misses the ACE format support somewhere they can take the BSD-licensed Python acefile sources and do a reimplementation into compilable language and as a shared library. Just A Small Matter Of Programming(tm)

        Meanwhile, those of us who may develop a real need to get something out of an ACE-format archive should be able to get a Python runtime up…

        Reply | Quote
    • Microfix
      AskWoody MVP
      February 21, 2019 at 12:11 pm #330041

      Martin Brinkmann over at ghacks has a temporary fix for the ACE format remote code execution vulnerability within WinRAR for those who use it.

      Windows - commercial by definition and now function...
      1 user thanked author for this post.
      Thomas
      Reply | Quote
      • mn–
        AskWoody Lounger
        February 25, 2019 at 7:21 am #331064

        … fix the vulnerability by disabling ACE handling altogether, to be clear.

        Well, ACE files are uncommon these days… and new ACE files with legitimate content even more so, the format has been relatively more popular for malware and scams due to being less likely to be supported by scanners.

        Reply | Quote
    • anonymous
      Guest
      February 22, 2019 at 4:42 am #330228
      2 users thanked author for this post.
      Thomas, Microfix
      Reply | Quote
    • Thomas
      AskWoody Plus
      February 25, 2019 at 5:49 am #331029

      Thanks for this post
      I use Win RAR for well over probably 20 Years + and find it a fantastic archiver.

      Reply | Quote
    • anonymous
      Guest
      March 17, 2019 at 12:03 pm #342576

      ACE…? Okay. Never used it in my life ;o) Big chance that this bug is existing not only in winrar, but many other unpackers too. It’s an ancient file format, that nowadays seems to even be considerd as abandonware. So the old rules of (digital) life are still valid: never open unkown attachments from mails, most certainly not ones in exotic file formats…

      Reply | Quote
    Viewing 4 reply threads
    Reply To: ACE format unpacker vulnerability – WinRAR and others

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    April 2025
    S M T W T F S
     12345
    6789101112
    13141516171819
    20212223242526
    27282930  

    Remembering Woody

     

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.