Get Even More Visitors To Your Blog, Upgrade To A Business Listing >>

Warning: Internet Explorer Just Became A Silent But Serious Threat To Every Windows User


And if someone were to send you a malicious .MHT file (perhaps disguised as a download link or an email attachment), Internet Explorer would be the default application to open it.


That already sounds scary, but then Page says that a simple javascript call within the file (such as invoking the Print Preview function) can do this automatically and without user interaction.


"Typically, when instantiating ActiveX Objects [...] users will get a security warning bar in IE and be prompted to activate blocked content.


However, when opening a specially crafted .MHT file using malicious markup tags the user will get no such active content or security bar warnings."


Page says the reason he publicly disclosed this exploit -- and the accompanying code to pull it off -- is because Microsoft acknowledged the Threat but refused to treat it as an urgent matter.


Between Windows Updates , supply chain attacks and malware spreading via popular file-sharing websites, you already have enough to worry about.




READ MORE (Forbes)


  • Internet Explorer on PCs threat to users: ReportLivemint
  • This Microsoft tool is a threat to your PC, claims reportGadgets Now
  • Microsoft will get around to fixing Internet Explorer exploit eventuallyNAG
  • This Internet Explorer exploit could let hackers steal your dataPocket-lint.com
  • Internet Explorer continues to threaten PC users with 0-day exploitSlashGear
  • Internet Explorer zero-day lets hackers can steal your files even if you don't use itThe INQUIRER
  • Internet Explorer lets Hackers To Steal Data even if you use Chrome or FirefoxThe Indian Wire
  • Internet Explorer might be exposing you to hackers – even if you don't actually use itTrustedReviews
  • Hackers Can Access Your Data Via Internet Explorer, Even If You Never Use ItMashable India
  • Internet Explorer zero-day lets hackers steal files from Windows PCsZDNet
  • Microsoft Internet Explorer v11 XML External Entity Injection 0day - hyp3rlinx - Altervistahyp3rlinx - Altervista


This post first appeared on The 5th News, please read the originial post: here

Share the post

Warning: Internet Explorer Just Became A Silent But Serious Threat To Every Windows User

×

Subscribe to The 5th News

Get updates delivered right to your inbox!

Thank you for your subscription

×