Security researcher John Page has revealed an unpatched exploit in Internet Explorer’s handling of MHT files (IE’s default web page archiving format) that hackers can use to both spy on Windows users and steal their local data.
Although IE has been replaced by Edge as Microsoft’s preferred Windows browser, researchers keep finding unpleasant security flaws in Internet Explorer.
The vulnerability affects Windows 7, Windows 10 and Windows Server 2012 R2.
If Windows 7, Windows 10 or Windows Server 2012 R2 encounters one of these files, it attempts to open it using IE, which means that an attacker simply has to persuade the user to do that. Success would…
Allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information.
IE should throw up a security warning, but this could be bypassed, Page said:
Opening a specially crafted .MHT file using malicious markup tags the user will get no such active content or security bar warnings.
Page posted details of the exploit after Microsoft reportedly declined to roll out an urgent security fix. It instead said a fix would be “considered” in a future release. While that does suggest a patch is on the way, it leaves millions of users potentially vulnerable unless they either turn off Internet Explorer or point to another app that can open MHT files.
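One way to check the second of those mitigations on a given machine, as an added example that is not from Page's advisory or from Microsoft: the PowerShell below reports which program the current user's .mht and .mhtml associations resolve to and flags Internet Explorer. It reads the standard Windows file-association registry keys; the function name Get-MhtHandler is hypothetical.

```powershell
# Added example: report which program opens .mht/.mhtml files for the current user.
# Get-MhtHandler is a hypothetical helper name, not a built-in cmdlet.
function Get-MhtHandler {
    param([string[]]$Extension = @('.mht', '.mhtml'))

    foreach ($ext in $Extension) {
        # Per-user choice made through "Open with" or Default apps, if any.
        $userKey = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$ext\UserChoice"
        $progId  = (Get-ItemProperty -Path $userKey -Name ProgId -ErrorAction SilentlyContinue).ProgId
        $source  = 'UserChoice'

        if (-not $progId) {
            # Fall back to the merged class registration for the extension.
            $progId = (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\$ext" -ErrorAction SilentlyContinue).'(default)'
            $source = 'HKEY_CLASSES_ROOT'
        }

        # Resolve the ProgId to the command line run by the "open" verb.
        $command = $null
        if ($progId) {
            $cmdKey  = "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command"
            $command = (Get-ItemProperty -Path $cmdKey -ErrorAction SilentlyContinue).'(default)'
        }

        [pscustomobject]@{
            Extension = $ext
            ProgId    = $progId
            Source    = $source
            Command   = $command
            OpensInIE = [bool]($command -match 'iexplore\.exe')
        }
    }
}

Get-MhtHandler | Format-List
```

An empty Command means the handler is not registered as a classic command line, so the ProgId has to be checked by hand.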