https://www.theregister.co.uk/2018/04/04/microsoft_windows_defender_rar_bug/
A remote-code execution vulnerability in Windows Defender – a flaw that can be exploited by malicious .rar files to run malware on PCs – has been traced back to an open-source archiving tool Microsoft adopted for its own use.
[...] Apparently, Microsoft forked that version of unrar and incorporated the component into its operating system's antivirus engine. That forked code was then modified so that all signed integer variables were converted to unsigned variables, causing knock-on problems with mathematical comparisons. This in turn left the software vulnerable to memory corruption errors, which can crash the antivirus package or allow malicious code to potentially execute.
(Score: 1) by DECbot on Monday April 09 2018, @11:58PM
My guess this was the abstraction layer that ported rar file format to something VB could use, and thus making it available to Office macros.
Makes sense to me. Put a bunch of filenames in a worksheet in Excel, press a button and out spits a rar file containing all the files listed in the worksheet. Who needs properly working pipes and bash one-liners, we've got ctrl+c, ctrl+v, and macros!
cats~$ sudo chown -R us /home/base