Internet Explorer zero-day lets hackers steal files from Windows PCs

Page 1 of 2 12 LastLast
    Internet Explorer zero-day lets hackers steal files from Windows PCs

    Internet Explorer zero-day lets hackers steal files from Windows PCs


    Posted: 16 Apr 2019

    A security researcher has published today details and proof-of-concept code for an Internet Explorer zero-day that can allow hackers to steal files from Windows systems.The vulnerability resides in the way Internet Explorer processes MHT files. MHT stands for MHTML Web Archive and is the default standard in which all IE browsers save web pages when a user hits the CTRL+S (Save web page) command.

    Modern browsers don't save web pages in MHT format anymore, and use the standard HTML file format; however, many modern browsers still support processing the format.

    AN XXE IN IE 11

    Today, security researcher John Page published details about an (XML eXternal Entity) vulnerability in IE that can be exploited when a user opens an MHT file.

    "This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed

    Program version information," Page said. "Example, a request for 'c:\Python27\NEWS.txt' can return version information for that program."



    Read more: Internet Explorer zero-day lets hackers steal files from Windows PCs | ZDNet

    See also: MSIE XXE 0day


    Tip   Tip
    How to Turn On or Off Internet Explorer in Windows 10
    Brink's Avatar Posted By: Brink
    16 Apr 2019


  1. JGToy
    Posts : 1,487
    Windows 10 Pro x64-bit Build Latest
       New #1

    @Brink

    Not a big deal but, after reading your post above I thought, "let's go and turn off IE11" and I did it, saw the warning about turn it off but I kept going...

    Later on I had to use my Quickbooks and '-bang-' there was the problem: Quickbooks won't work without IE11.

    So, I can't turn it off until Intuit find it's way out of Internet Explorer!
      My Computer
    Quote Quote

  3. Brink
    Posts : 68,923
    64-bit Windows 11 Pro for Workstations
    Thread Starter
       New #2

    Thank you for sharing your findings @JGToy.
      My Computers
    Quote Quote

  4. NMI
    Posts : 1,095
    Windows 11 Pro, Version 22H2
       New #3

    An alternative to turning off IE is to associate MHT/MHTML with a Chromium browser, Word or even Notepad/Wordpad: How to associate .mht and .mhtml files with a Non-Microsoft Store app

    But not Firefox:

    Bree said:
    Which is great - until you actually want to open an MHT file of your own. Firefox can't, in fact it offers to open it for you in IE.
    Apparently Chrome can open .mht/.mhtml files, and now so can the new Chromium-based Edge preview.
      My Computer
    Quote Quote

  6. Rubi
    Posts : 396
    Windows 10 Pro
       New #4

    Does avoiding the use of IE and not saving web pages or web content avoid the whole issue or should users still either disable IE or associate those files with another program regardless?
      My Computer
    Quote Quote

  7. NMI
    Posts : 1,095
    Windows 11 Pro, Version 22H2
       New #5

    Rubi said:
    Does avoiding the use of IE and not saving web pages or web content avoid the whole issue
    No.

    Rubi said:
    or should users still either disable IE or associate those files with another program regardless?
    Yes.

    But the risk is just that if you open a received .htm or .html attachment, they could read a named file which exists in a known folder.
      My Computer
    Quote Quote

  8. glacourse
    Posts : 6
    Windows 10 1903
       New #6

    no surprise here with INEPT IGNORER
      My Computer
    Quote Quote

  9. larc919
    Posts : 3,352
    Windows 10 Pro x64
       New #7

    Wonder how long this flaw has existed with lots of hackers not knowing about it? Well, they know now.
      My Computer
    Quote Quote

  10. Rubi
    Posts : 396
    Windows 10 Pro
       New #8

    NMI said:
    An alternative to turning off IE is to associate MHT/MHTML with a Chromium browser, Word or even Notepad/Wordpad: How to associate .mht and .mhtml files with a Non-Microsoft Store app
    This did not work for me, it wanted to associate ALL text files with Chrome. Am I missing something?
      My Computer
    Quote Quote

  12. NMI
    Posts : 1,095
    Windows 11 Pro, Version 22H2
       New #9

    Rubi said:
    This did not work for me, it wanted to associate ALL text files with Chrome. Am I missing something?
    Yes: Create two text files and rename them to test.mht and test.mhtml
      My Computer
    Quote Quote

 

  Related Discussions
Read more: Decade-old Windows kernel bug lets hackers bypass security protections | ZDNet
CCleaner always detects 1-2GB files to be cleaned from IE. I don't use IE, Edge occasionally so what are these files? Are they possibly Windows update files?
Intel chip vulnerability lets hackers easily hijack fleets of PCs | ZDNet
48720 Read more: http://news.softpedia.com/news/windows-10-threshold-2-lets-you-quickly-scan-files-with-windows-defender-496271.shtml
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 14:53.
Find Us




Windows 10 Forums