Internet Explorer has become more and more forgotten, having become the most widely used web browser for years. Fortunately, we now have more secure browsers with more features like Chrome, Firefox or Edge Chromium itself under development. However, millions of computers still use Internet Explorer, and the computers you install on them are now vulnerable to file theft. Microsoft does not want to correct this.
This was revealed by one of the researchers in the field of security, which published today all the details and proof of the concept of how to exploit a vulnerability in the Internet Explorer, which allows the hackers to steal files from computers running Windows, including Windows 7 and Windows 10.
The new security issue is related to the way that Internet Explorer handles MHT files, which are used by MHTML Web archive files. This is the standard that all Internet Explorer browsers use to save web pages when you submit to save a page. Current browsers use HTML or HTM only to save pages, so they are not affected. However, some browsers still allow files to be opened in this format.
The search details published today by this researcher on the search page is how this vulnerability exploits users when opening an MHT file, which allows them to obtain files stored on the computer.
All Windows operating systems are set up to open MHT files by default using Internet Explorer, so only once do users click on the file they can receive by e-mail or by uploading them from a malicious site so that the attacker can take advantage of this vulnerability.
Because Microsoft does not want to fix this vulnerability, you can disable Internet Explorer on your computer by going to Control Panel, then to Programs and Features, and to activate or deactivate Windows features. You'll find there Internet Explorer 11, and you can deactivate it if you're not using it or using other browsers.
The search details published today by this researcher on the search page is how this vulnerability exploits users when opening an MHT file, which allows them to obtain files stored on the computer.
All Windows operating systems are set up to open MHT files by default using Internet Explorer, so only once do users click on the file they can receive by e-mail or by uploading them from a malicious site so that the attacker can take advantage of this vulnerability.
Because Microsoft does not want to fix this vulnerability, you can disable Internet Explorer on your computer by going to Control Panel, then to Programs and Features, and to activate or deactivate Windows features. You'll find there Internet Explorer 11, and you can deactivate it if you're not using it or using other browsers.
Explanation of this gap:
