Unpatched Internet Explorer Zero-Day Exploit Lets Hackers Steal Files

Although Microsoft is hoping for a big browser comeback with the Chromium-based version of the Microsoft Edge browser, there’s another browser in the company’s repertoire that many people have already forgotten about. Of course, we’re talking about the “undead” Internet Explorer.

Internet Explorer has a long history of poor security (which was one of the reasons for its dwindling popularity), and now a new exploit that takes advantage of the browser has been brought to light. John Page, a security researcher, has discovered an XML eXternal Entity (XXE) vulnerability that takes advantage of MHT files.

Internet explorer

The main issue is that by default, Windows-based operating systems are set to open MHT files with Internet Explorer. And because this unpatched vulnerability lies in Internet Explorer – which is still installed by default on Windows systems for backwards compatibility --  it leaves systems ripe for remote execution attacks.

"This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information," writes Page. "Example, a request for 'c:\Python27\NEWS.txt' can return version information for that program."

While interacting with an MHT file would usually require user intervention (i.e. clicking on an attachment that was sent in an email), ZDNetadds that the exploit could be triggered using a window.print() Javascript command that would be automatically run by simply visiting a malicious website.

Page adds that what makes this exploit even more troubling is that, "when opening a specially crafted .MHT file using malicious < xml > markup tags the user will get no such active content or security bar warnings [in Internet Explorer]."

As of now, the exploit affects versions of Internet Explorer 11 that are installed on Windows 7, Windows 10 and Windows Server 2012 R1 operating systems.

Microsoft has responded to Page's research by stating, "We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case."

That seems like a half-baked response to us, and it seems as though this exploit should have Microsoft's full attention rather than simply being "considered."

If you'd prefer not to wait for Microsoft to patch the issue, you can simply uninstall Internet Explorer 11 in Windows 10 -- chances are that you aren't using it anyway. Simply navigate to Settings--> Apps--> Apps & features. From there, you will see an option "Related Settings" for Programs and Features. Next, click "Turn Windows features on or off" from the left panel.

Finally, unselect the Internet Explorer 11 option and hit "OK". Restart your machine to rid yourself of the useless browser.

Show comments blog comments powered by Disqus