010-68421378
sales@cogitosoft.com
Categories
AddFlow  Altova SchemaAgent AmCharts JavaScript Stock Chart AmCharts 4: Charts Aspose.Total for Java Altova MapForce Altova DatabaseSpy Altova MobileTogether Altova UModel  Altova StyleVision Server Altova MapForce Server Altova Authentic Aspose.Total for .NET Altova RaptorXML Server Chart FX for SharePoint Chart FX CodeCharge Studio ComponentOne Ultimate Controls for Visual C++ MFC Chart Pro for Visual C ++ MFC ComponentOne Enterprise combit Report Server Combit List & Label 22 DbVisualizer version 12.1 Altova DiffDog DemoCharge DXperience Subscription .NET DevExpress Universal Subscription Essential Studio for ASP.NET MVC FusionCharts Suite XT FusionCharts for Flex  FusionExport V2.0 GrapeCity TX Text Control .NET for WPF GrapeCity Spread Studio Highcharts 10.0 版 HelpNDoc Highcharts Gantt Infragistics Ultimate  ImageKit9 ActiveX ImageKit.NET JetBrains--Fleet JetBrains-DataSpell JetBrains--DataGrip jQuery EasyUI jChart FX Plus Nevron Vision for .NET OPC DA .Net Client Development Component OPC DA .NET Server Toolkit  OSS ASN.1/C Oxygen XML Author  OSS 4G NAS/C, C++ Encoder Decoder Library OSS ASN.1 Tools for C with 4G S1/X2 OSS ASN.1/C# OSS ASN.1/JAVA OSS ASN.1/C++ OPC HDA .NET Server Toolkit PowerBuilder redgate NET Developer Bundle Report Control for Visual C++ MFC  Stimulsoft Reports.PHP Stimulsoft Reports.JS Stimulsoft Reports.Java Stimulsoft Reports. Ultimate Stimulsoft Reports.Wpf Stimulsoft Reports.Silverlight Altova StyleVision Sencha Test SPC Control Chart Tools for .Net SlickEdit Software Verify .Net Coverage Validator Source Insight Toolkit Pro for VisualC++MFC TeeChart .NET Telerik DevCraft Complete UltraEdit Altova XMLSpy Zend Server

WinRAR 6.02 最终版发布

WinRAR  6.02 final version released

 

WinRAR 6.02 Final Version released! Find out about the major improvements!

With the final release of WinRAR 6.02, we continue our constant development of the world’s leading compression and archive management software: WinRAR. The update introduces important security improvements as well as usability enhancements and bug fixes.

Security-related improvements

We have improved the handling of malformed ZIP SFX archives. The ZIP SFX module refuses to process SFX commands stored in the archive comment if such a comment is displayed after the beginning of the Authenticode digital signature. This is to prevent potential attacks by inclusion of a ZIP archive into the signature body. We already prohibited extracting contents of such malformed archives in WinRAR 6.01 and would like to thank Jacob Thompson from Mandiant Advantage Labs for reporting this issue, which is now fixed.

WinRAR also uses HTTPS instead of HTTP from now on for its web notification window, home page and themes links. We have implemented additional checks to make the web notifier more robust against potential threats. Such attacks are only possible if the intruder has managed to spoof or otherwise control a user's DNS records. It also involves some other factors in limiting the practical application of this attack. We would like to express our gratitude to Igor Sak-Sakovskiy for bringing this issue to our attention.

Usability improvements

You can find usability enhancements in several areas. Error messages thrown by SFX archives now display more detailed error information. In the past, such extended error information was only available in WinRAR but not in SFX archives. For example, such archives would previously display a "Cannot create file" message. In WinRAR 6.02, a detailed description follows this message, such as "access denied" or "file in use", when possible.

In addition, WinRAR now displays the name of the file to be unpacked in the WinRAR warning in case of a wrong password used for RAR5 archives. This can be helpful when unpacking a non-solid archive containing files encrypted with different passwords.

We have also made some usability enhancements for the command line mode. For example, the switch -idn now also hides archived names in 'v' and 'l' commands. This can be useful if you only need the archive type or total information.

As usual, we have also fixed a few bugs that appeared during the usage of WinRAR to provide all users with a stable, bug-free version.

Complete list

1. ZIP SFX module refuses to process SFX commands stored in archive

      comment if such comment is resided after beginning of Authenticode

      digital signature. It is done to prevent possible attacks with

      inclusion of ZIP archive into the signature body.

 

      We already prohibited extracting contents of such malformed archives

      in WinRAR 6.01.

 

      We are thankful to Jacob Thompson - Mandiant Advantage Labs

      for reporting this issue.

 

   2. WinRAR uses https instead of http in the web notifier window,

      home page and themes links. It also implements additional checks

      within the web notifier. This is done to prevent a malicious web page

      from executing existing files on a user's computer. Such attack

      is only possible if the intruder has managed to spoof or otherwise

      control user's DNS records. Some other factors are also involved

      in limiting the practical application of this attack.

 

      We would like to express our gratitude to Igor Sak-Sakovskiy

      for bringing this issue to our attention.

 

   3. Where appropriate, SFX archive displays the additional line

      with detailed error information provided by operating system.

 

      For example, previously such archive would display "Cannot create file"

      message alone. Now this message is followed by a detailed reason

      like access denied or file being used by another process.

 

      In the past this extended error information was available in WinRAR,

      but not in SFX archives.

 

   4. Switch -idn hides archived names also in 'v' and 'l' commands.

      It can be useful if only the archive type or total information

      is needed.

   

   5. If -ibck -ri switches are used together, WinRAR process

      sets the priority specified in -ri switch. Previous versions ignored

      -ri and set the priority to low in the presence of -ibck switch.

 

   6. When using "File/Change drive" command, WinRAR saves the last folder

      of previous drive and restores it if that drive is selected again

      later.

 

   7. Name of unpacking file is now included into WinRAR incorrect password

      warning for RAR5 archives. It can be helpful when unpacking

      a non-solid archive containing files encrypted with different passwords.

   

   8. Bugs fixed:

 

      a) "Convert archives" command issued erroneous "The specified password

         is incorrect" message after succesfully converting RAR archive

         with encrypted file names if new password was set and archive

         was opened in WinRAR shell;

 

      b) if command progress window was resized up and then quickly resized

         down to original dimensions, window contents could be positioned

         incorrectly.

 

 

Quick Navigation;

© Copyright 2000-2022  COGITO SOFTWARE CO.,LTD. All rights reserved