Internet Explorer zero-day lets hackers steal files from Windows PCs

More from: | ZDNET |
0

× internet-explorer-logo.png

A security researcher has published today details and proof-of-concept code for an Internet Explorer zero-day that can allow hackers to steal files from Windows systems.

The vulnerability resides in the way Internet Explorer processes MHT files. MHT stands for MHTML Web Archive and is the default standard in which all IE browsers save web pages when a user hits the CTRL+S (Save web page) command.

Also: Microsoft security chief: IE is not a browser, so stop using it as your default 

Modern browsers don’t save web pages in MHT format anymore, and use the standard HTML file format; however, many modern browsers still support processing the format.

An XXE in IE 11

Today, security

(...)

Read full article » https://www.zdnet.com/article/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs/#ftag=RSSbaffb68


About | ZDNET |

ZDNet brings together the reach of global and the depth of local, delivering 24/7 news coverage and analysis on the trends, technologies and opportunities that matter to IT professionals and decision makers.

Whatever your role in the IT buying cycle, ZDNet provides support -- from investigating options to optimizing a solution. Whether you want to follow hot topics or emerging trends, or keep up to date with the latest news and events, ZDNet is the destination for professionals seeking to research technology-related issues, and solve business technology problems.

»Twitter: @zdnet »Facebook: @ZDNet