WinRAR is an archiving utility that completely supports RAR and ZIP archives and is able to unpack CAB, ARJ, LZH, TAR, GZ, UUE, BZ2, JAR, ISO, 7Z, Z archives. It consistently makes smaller archives than the competition, saving disk space and transmission costs. WinRAR offers you the benefit of industry strength archive encryption using AES (Advanced Encryption Standard) with a key of 128 bits. It supports files and archives up to 8,589 billion gigabytes in size. It also offers the ability to create self extracting and multi volume archives. With recovery record and recovery volumes, you can reconstruct even physically damaged archives.
WinRAR 7.23 changelog:
- Heap overflow vulnerability is fixed in RAR5 recovery volume data reconstruction code. It affects WinRAR, RAR and UnRAR. UnRAR.dll library doesn"t include recovery volume processing, so it is not affected. We are thankful to Arjun Basnet from Securin Labs for letting us know about this security issue.
- Symbolic link pointing outside of destination folder could be created even without -ola switch, when extracting a specially crafted RAR archive by WinRAR, RAR, UnRAR or UnRAR.dll library. Further check in extraction code prevents placing files to such folder even in case of multiple extraction commands, excluding the possibility of path traversal attack for WinRAR, RAR or UnRAR based extraction. It limits the potential threat to a case where another tool uses this symbolic link to store files. We are thankful to scofaild23-bnomran for letting us know about this security issue.
- 7zxa.dll 7z extraction library is updated to version 26.02 to include bug and vulnerability fixes by the library developer.
- Switch -iver prints RAR version even if -idc is specified in the command line, configuration file or RARINISWITCHES environment variable. Previously -idc blocked -iver action.
- Also a new line character is added to -iver output.
Download: WinRAR 7.23 | 3.6 MB (Shareware)
Links: WinRAR Website | WinRAR Themes | Release Notes