A fresh revelation has highlighted a vulnerability that can affect users of Windows 7, Windows 10 and Windows Server 2012 R2 via the Internet Explorer. This comes after Microsoft admitted a hacker had access to Outlook accounts of some users for three months.
A security researcher John Page has published details about how hackers can use the Internet Explorer to steal files from Windows systems, ZDNet reported first. The vulnerability resides in the way web browser handles MHT files (Internet Explorer’s default web archive format). While almost all the modern browsers don’t save web pages in MHT format and use the standard HTML file format, Internet Explorer saves a web page in MHT format.
On his website, John Page published details about XXE (XML external entity) vulnerability in Internet Explorer that hackers can exploit when a user opens an MHT file. “This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information,” Page stated.
All MHT files are automatically set to open by default in Internet Explorer on Windows. So as soon as users opens a file they received via email or any other medium, it leaves them vulnerable to threats. Even if Internet Explorer is not set as the default web browser, it will pop up to open the MHT file.
Page elaborates that the actual vulnerable code relies on how the web browser deals with ctrl+K (duplicate tab), ‘Print Preview’, and ‘Print’ commands. He explains how easy it is for hackers to steal user files and how they can disable Internet Explorer’s security alert system. Page said that he tested the exploit in the latest Internet Explorer browser v11 with all the recent security patches on the aforementioned windows operating systems.
Also read | Microsoft informs hackers had accessed some Outlook account emails for months
Page said that he posted the details of the exploit after Microsoft repeatedly declined to roll out an urgent security fix. Instead, they said that a fix would be ‘considered’ in a future release. It will leave those users open to threat unless they either turn-off Internet Explorer or install another app that can open MHT files.