It has been four years since the Internet Explorer has been replaced by the Edge browser and we all are familiar with the poor security and speed issues of Internet Explorer all these years.
Now, there is another threat that requires some serious concern. According to a latest report, Internet explorer puts your system in danger and allows hackers to pass through your system even if it is just installed in it.
A researcher John Page also famous as hyp3rlink, published a report which shows the faults in the way Internet Explorer handles MHTML files (Internet Explorer’s web archive format). The hackers use this information to steal data from the system.
As per the Hyp3rlink, “Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted .MHT file locally.
This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installedProgram version information.” Which clearly means that a user doesn’t even have to run the IE, just by opening an attachment sent through email or chat,hackers will find a way into your system.
This is a serious threat to Microsoft Windows 7, Windows 10 and Windows Server 2012.
When Page reported this issue to the Microsoft, they replied:
“We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case.”
Microsoft had noticed the case when the credentials of a support agent were exploited to unauthorized access into some accounts.
The software giant also claimed that along with the emails and attachments, the hackers may also have viewed other information such as email addresses, folder name and subject of sent as well as received mails.
Is it a threat to the Windows 10 users who are not even using the Internet Explorer?
Sadly, it is a threat to the users who have switched to Windows 10 and stopped using the Internet Explorer because IE 11 comes with every Windows PC including Windows 10.
Although, the Internet Explorer requires a set up for running for the first time and this can put the system at threat as suggested by Page.
Is there any escape to this Internet Explorer threat?
Unfortunately, there is no way you can escape until Microsoft provides some fix to this situation.
But, as a preventive measure, disable IE in your Windows 10 PC if you are not using it.
You can even remove it completely if you are sure that youdon’t need it,this can be done via Control Panel after turning it off and restarting the device.
As Microsoft said, they will definitely provide a fix for the issue in future updates, probably on May’s Patch Tuesday falling on 14 May. Until then, we advice that, be very cautious about the MHT files and attachments if you are still using the Internet Explorer in your PC.
