Internet Explorer flaw can let hackers steal your files even if you’re not using it: Report

By Digit NewsDesk | Updated Apr 15 2019
Internet Explorer flaw can let hackers steal your files even if you’re not using it: Report
HIGHLIGHTS

Internet Explorer flaw making PCs prone to hacking.

The flaw will even make PCs vulnerable if a user doesn’t even use the browser.

Microsoft was notified about it, but it denied urgent security fix.

Go from OpenAPI-to-GraphQL in 2 minutes

Create GraphQL interfaces in minutes and build mobile or client apps quicker. Leverage free, open source IBM Code Patterns.

Click here to know more

Microsoft's Internet Explorer may have a small user base now, but it is posing a risk to a lot of users who have it installed on their computers. A flaw, unearthed by Security researcher John Page, will let hackers steal files from your PC. What’s scary is that the criminals can have the access to the files on a system even if the the browser is not in use. This means that if you have Internet Explorer installed on your PC but do not use it, you are still at risk.

The security researcher revealed an unpatched exploit in Internet Explorer’s handling of MHT files, which is the browser’s web archive format, that hackers can use to both spy on Windows users and steal their local data. When you press “Ctrl+S” on Internet Explorer, it will save the file in MHT format. Other popular web browsers use HTML format, though some of them still support this processing format, ZDNet said.

If you ever access an MHT file, it will be is opened using Internet Explorer by default. The flaw can “allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information,” Page was quoted as saying. The vulnerability affects Windows 7, Windows 10 and Windows Server 2012 R2, the researcher added.

The security researcher claims that he notified Microsoft about the vulnerability on March 27, but the company declined to consider the bug for an urgent security fix. “We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case,” Microsoft said in a message sent to him on April 10, according to Page.

Earlier this year, Chris Jackson, a cybersecurity expert in Microsoft’s Windows division urged people to stop using Internet Explorer. Microsoft no longer supports the development and inclusion of new web standards for Internet Explorer, making it less than ideal for day-to-day use. While Internet Explorer was officially killed off by Microsoft, Edge, which started shipping with Windows 10 hasn’t really won many favours with users either.

According to statcounter, Internet Explorer had 2.56 percent global browser market share in March 2019. Microsoft Edge could only grab 2.21 percent share. Firefox is better than these two with 4.7 percent share, and Apple’s Safari has 15.64 percent share. Google Chrome sits at the top of the throne with 62.58 percent share globally.

Videos

Microsoft Surface Laptop Review | Digit.in
logo
Digit NewsDesk

The guy who answered the question 'What are you doing?' with 'Nothing'.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.