Internet Explorer Security Flaw Lets Hackers Steal Files From Windows PCs

18 April, 2019, 08:41 | Author: Sammy Rose

Even though Internet Explorer makes for less than 10% of the entire browser market, the fact that this exploit just requires the victim to have IE on their PC makes it worrisome.

According to researcher John Page, an unpatched exploit in the Internet Explorer browser's handling of MHT files (IE's Web archive format) can be used by hackers to both spy on Windows users and steal their local data. "MHT file locally", writes Page.

It is insignificant to exploit this vulnerability as the MHT files on Windows is by default set to be opened in Internet Explorer whenever a user double-click on the link that he might receive through email, message or any other source. Rather a JavaScript function window.print () is enough instead of the interaction of the user with the webpage.

Additionally, the exploit works around Internet Explorer's typical security alert system.

A security researcher has revealed details of an unpatched exploit in the way IE handles MHT files, and the problem affects Windows 7, Windows 10 and Windows Server 2012 R2. As long as the browser is there on your computer, hackers can get to you.

Last December, Microsoft was urging Internet Explorer users to update to the latest version of Internet Explorer after it discovered a serious flaw.

French Billionaires Pledge Over $300 Million to Rebuild Notre Dame
The cause of the fire is still unclear, though officials have ruled out arson and are not treating the incident as terror-related. The Pinault family, which controls French luxury conglomerate Kering, pledged an additional €100 million ($113 million).


'Swamp Thing' First Look On DC Universe Streaming Service
That verbiage doesn't make it sound like she, or anyone else working on the show, will be coming back for a second season. Swamp Thing has been filming since November 2018, and is due to debut on DC Universe on May 31 .


Microsoft's Disc-Less Xbox One Arrives May 7th for $249.99
For now, we'll just have to wait and see how well consumers can adapt to digital-only games and movies, if they're willing at all. The company is launching a new subscription package on Xbox One that bundles Xbox Live Gold and Xbox Game Pass together.


It allowed them to easily takeover your PC by executing some malicious code.

The news came at a time when Microsoft, coming to terms with the Outlook.com data breach case, reached out to some users, informing them of the hack which exposed data sent over emails to hackers who kept accessing their accounts between January 1 to March 28.

Microsoft didn't say how many users have been affected by the vulnerability, known as CVE-2018-865.

Finally stopped using Internet Explorer?

'The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. Thus this vulnerability should not be taken lightly.

Even though only a meager (7.34 percent) users use Internet Explorer today, it's still present in many systems.

Recommended:



Popular

Facebook spends US$22.6 million keeping Zuckerberg safe - Cloud - Networking - Security
However, nobody from Facebook has thus far provided any additional evidence to support the the claim of "cherry-picking". And all the while, Facebook was making loud noises about its attempts to protect and secure user privacy.

Capcom Home Arcade ready to pummel you with nostalgia this October
This is so that you can have the old arcade experience of side-by-side multiplayer as you play the system's 16 preinstalled games. Looking over the images, its an all-in-one controller and gaming system.

Kim Jong Un makes surprise visit to North Korea air force unit
The U.S. team is working with the North Koreans , Pompeo said, "to chart a path forward so that we can get there". He rejected partial denuclearization steps offered by Kim, which included an offer to dismantle Yongbyon.

Porsche 911 Speedster debuts in NY with 495bhp flat-six
The forefather of Porsche Speedster models, the 356 1500 America Roadster , had an aluminium body manufactured entirely by hand. The Porsche 911 Speedster Concept from previous year has made production, and the finalised vehicle has made its debut in NY .

Microsoft announces slimmer and lighter Surface Hub 2S
The computing component of the Surface Hub 2S is modular, making the device both serviceable and upgradeable. There's no price tag yet for the 85-inch Surface Hub 2 , but the company says it'll be available in 2020.

Smash Bros. Ultimate 3.0 Update Detailed
Ultimate as Challenger #1 from the Fighters' Pass DLC, four months after his show-stopping reveal at The Game Awards 2018. Though the Smash Stage Builder technically leaked last week , Nintendo confirmed all remaining details in a lengthy video.

Google Testing a Play Store Budgeting Feature to Help Check App Spending
Android users are being warned about a scary strain of malware discovered on Google Play Store apps. VentureBeat reports that this feature is now being tested and is rolling out in stages.

Samsung Galaxy Fold review units are already broken
Both the Galaxy A60 and the Galaxy A40s come with NFC support, as is standard for mid-range Galaxy phones launched in the country. However, the separate reports do suggest it may have something to do with the Galaxy Fold's polymer layer on top of the display.

Carl’s Jr. to Debut CBD-Infused Burger on 4/20
Starting small, in a market where cannabis regulation is "really strong", will allow Carl's Jr.to figure out how to move forward. MT through close for $4.20, while supplies last - or the Federal Bureau of Investigation raids the joint, whichever comes first.

Jaguar's electric I-Pace takes the World Car of the Year award
Despite its flaws the Suzuki Jimny is sold out in Australia for 12 months and some dealers have stopped taking orders. Finally, the World Urban Car award went to the Suzuki Jimny , which held off the Hyundai Atos/Santro and Kia Soul.