Microsoft’s Internet Explorer is in trouble again!
Security researcher John Page has discovered a new security flaw in Internet Explorer that allows hackers to steal Windows users’ data. Anyone who has Internet Explorer installed on their system is vulnerable to this exploit, whether they’re currently using the IE browser or have even opened it before. The researcher explained that the browser is vulnerable to XML External Entity attack if a user opens something malicious. MHT file locally, allowing hackers to remotely access the computer and exfiltrate local files. Simply put, you don’t even have to run the browser for this to be a problem and simply opening the wrong attachment or message could be enough for triggering the vulnerability.
The vulnerability affects Windows 7, Windows 10 and Windows Server 2012 R2.
The security researcher said he contacted Microsoft in March before now going public with the issue and Microsoft told him that it would just “consider” a fix in a future update.
“We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case.”
The Internet Explorer Exploit left millions of users potentially vulnerable. If you don’t want to wait and rely on Microsoft to roll out a fix, then you can always uninstall Internet Explorer yourself just to be safe.
Published by Tony Shepherd & last updated on April 16, 2019 2:19 am