The Broadband Guide
SG
search advanced

Internet Explorer bug affects even those who never use the browser

2019-04-16 16:08 by
Tags:

 

Security researcher John Page warns that Microsoft's Internet Explorer has a critical security flaw that allows hackers to spy on you and steal personal data from your PC. You may think that you're not concerned, because you don't use IE. However, the flaw that's been discovered can be exploited even if you never intentionally use Internet Explorer.

The exploit revolves around a file format that very few probably remember by now. They're called MHTs and they're the special format that Microsoft once used when saving web pages in Internet Explorer. These days, web pages are saved as proper and standard HTML files but browsers, like IE, still retain the ability to open them.

"Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted .MHT file locally," writes Page. "This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information."

In other words, if a victim receives the MHT file as an attachment and double clicks it, then the PC is compromised. Normally this would trigger a security warning in Internet Explorer, but Page explains that blocking that is equally trivial for a hacker that knows what they're doing.

Read more -here-

 

  Post your review/comments
    rate:
   avg:
News Glossary of Terms FAQs Polls Cool Links SpeedGuide Teams SG Premium Services SG Gear Store
Registry Tweaks Broadband Tools Downloads/Patches Broadband Hardware SG Ports Database Security Default Passwords User Stories
Broadband Routers Wireless Firewalls / VPNs Software Hardware User Reviews
Broadband Security Editorials General User Articles Quick Reference
Broadband Forums General Discussions
Advertising Awards Link to us Server Statistics Helping SG About