LOADING...
Log in and
comment
Username or Email
Password
Forgot password?
Or
Join and
publish
You're almost done! Define a user name and password.
Username
Email
Password
Senha
» Tip Us Hey you, we are hiring! Join us if you are an author, developer or designer!

Internet explorer exploit could let hackers steal user data

15 April 2019 4

A new vulnerability has been discovered by security researchers in Internet Explorer that could allow hackers to steal sensitive user data. The vulnerability has been revealed by John Page (aka hyp3rlinx) which could potentially allow attackers to access a user’s computer's local files and spy on the user remotely.

The researcher states that the most troubling part of this discovery is that users don’t need to run the browser in order to expose a user’s computer to this flaw. A simple wrong attachment or message could be enough to expose the user’s data.

John Page states, "Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted.MHT file locally."

MHT (aka MHTML Web Archive) files which open in Internet Explorer by standard, is enough to start the process even if IE isn't your default browser. The report reveals that Microsoft was notified of the vulnerability on 27 March, however, the company has declined to release an urgent fix for the problem.

Microsoft has stated, "We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case."

Till the fix is released by Microsoft millions of users will be left vulnerable to the exploit. The data shows a steady decline in Internet Explorer use, still, a number of Windows users who are using the platform are vulnerable to hackers.


4

Comments

Join our community » Internet explorer exploit could let hackers steal user data
Android

Top 5 best bezel-less smartphones | May 2019

Android

Top 5 best Android flagship smartphones | April 2019

Software

Android Software updates may soon be available via Play store | Upd: Now rolling out

Tech

Amazon acquires autonomous warehouse robotics startup Canvas Technology