Latest in Gear

Image credit: Associated Press

Internet Explorer security flaw allows hackers to steal files

You don't even have to use IE for this to be a problem.
7372 Shares
Share
Tweet
Share
Save

Sponsored Links

Associated Press

Microsoft's Internet Explorer has a longstanding reputation for poor security, but it's now bad enough that you could be attacked just by having it on your PC. Security researcher John Page has revealed an unpatched exploit in the web browser's handling of MHT files (IE's web archive format) that hackers can use to both spy on Windows users and steal their local data. As Windows opens MHT files using IE by default, you don't even have to run the browser for this to be a problem -- all you have to do is open an attachment sent through chat or email.

The vulnerability affects Windows 7, Windows 10 and Windows Server 2012 R2.

This wouldn't be an issue if it weren't for the disclosure of the flaw. Page posted details of the exploit after Microsoft reportedly declined to roll out an urgent security fix. It instead said a fix would be "considered" in a future release. While that does suggest a patch is on the way, it leaves millions of users potentially vulnerable unless they either turn off Internet Explorer or point to another app that can open MHT files.

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr