Internet Explorer exploit makes Windows vulnerable - April 2019
-
Internet Explorer exploit makes Windows vulnerable - April 2019
In short, zero day exploit of Internet Explorer makes Windows vulnerable. MS won't issue a separate security update, so uninstall Internet Explorer, or change default app t open .mht and .mhtlm files.
Betanews | Internet Explorer flaw leaves Windows users vulnerable to hackers
A zero-day exploit found in Internet Explorer means hackers could steal files from Windows users. What's particularly interesting about this security flaw is that you don't even need to be an Internet Explorer user to be vulnerable.
-
-
![]()
How to associate .mht and .mhtml files with a Non-Microsoft Store app
For those not wanting to uninstall IE, but instead associate *.mht and *.mhtml files with say Firefox Chrome; i.e, a Non-Microsoft Store app:
Create two text files and rename them to test.mht and test.mhtml, where you can then 'Right click > Open with > Choose another app '. Find Chrome in the list while remembering to check box [x] 'Always use this app to open'
Some associations can not be done via 'Settings > Apps > Default Apps > Choose default apps by file type' where the only option is 'Look for an app in the Microsoft Store'
Edit Note: removed Firefox association example and substituted Chrome
Which is great - until you actually want to open an MHT file of your own. Firefox can't, in fact it offers to open it for you in IE.
Apparently Chrome can open .mht/.mhtml files, and now so can the new Cromium-based Edge preview.
Choose Default Apps in Windows 10
Last edited by Farvatten; 16 Apr 2019 at 21:00.
Reason: Removed Firefox association substitute Chrome
-
Vivaldi is capable to take association. But good tip 
-
-
Create two text files and rename them to test.mht and test.mhtml, where you can then 'Right click > Open with > Choose another app '. Find Firefox in the list while remembering to check box [x] 'Always use this app to open'
Which is great - until you actually want to open an MHT file of your own. Firefox can't, in fact it offers to open it for you in IE.
Apparently Chrome can open .mht/.mhtml files, and now so can the new Cromium-based Edge preview.
-
@Bree Thanks for pointing this out!
I've always appreciated your attention to details like this.
It's not a file type I've heard of till today and explains why it wasn't in Firefox's default file type lists under Settings > Apps > Default Apps > Set defaults by app > Firefox > Manage.
-
Mine was already set to Vivaldi.
I don't have Internet Explorer either:
-
I can open .mht files in Word. Note some old programs rely on the use of IE and won't work if IE is removed. One such example is Microsoft Money c. 2005 which is extremely useful.
-
I have uninstalled it and will do so every time I need to install Windows from now on.
-
-
The BetaNews article explains that the danger lies in opening malicious mht or mhtl files sent by hackers.
So if you don't open mht / mthl files sent by others then there is nothing to worry about.
Denis
-
Page said the actual vulnerable code relies on how Internet Explorer deals with CTRL+K (duplicate tab), "Print Preview," or "Print" user commands. This normally requires some user interaction, but Page said this interaction could be automated and not needed to trigger the vulnerability exploit chain. "A simple call to the window.print() Javascript function should do the trick without requiring any user interaction with the webpage," he said.
Internet Explorer zero-day lets hackers steal files from Windows PCs | ZDNet
Quote
