News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • explorer-hack

    Viewing 3 reply threads
    • Author
      Posts
      • #424604 Reply
        wavy
        AskWoody Plus

        https://mashable.com/article/internet-explorer-hacker-windows-pc-exploit/

        Yet another reason to be cautious when opening attachments.

        BTW I did not see a security branch for the forums here, this seemed the most relevant one. If I missed something please let me know. I am still used to the wonderful categorizations (and presentations of) that WS used…

        🍻

        Just because you don't know where you are going doesn't mean any road will get you there.
      • #427773 Reply
        b
        AskWoody Plus

        https://mashable.com/article/internet-explorer-hacker-windows-pc-exploit/

        Yet another reason to be cautious when opening attachments.

        This Internet Explorer zero-day was discussed in five posts starting here on Friday:

        P.S. Do Not use Internet Explorer, new Zero Day attack:

        My understanding is that IE only has to be installed (not used) to be vulnerable, but an exploit could only obtain contents of a file with a known or guessed name.

         

        BTW I did not see a security branch for the forums here, this seemed the most relevant one. If I missed something please let me know. I am still used to the wonderful categorizations (and presentations of) that WS used…

        There is a Code Red – Security/Privacy advisories forum: “It’s a big, bad world out there. Here’s what you need to know about recently discovered security problems, both with Windows and in the computing community at large.

         

        Windows 10 Pro Version 2004: Group ASAP (Pioneer/Chump)

        3 users thanked author for this post.
      • #481439 Reply
        OscarCP
        AskWoody Plus

        Just to be clear, am I correct in thinking that this vulnerability may be exploited when one clicks and opens an MHT file received from some one else, but not when opening a file that oneself has created when saving a Web page as MHT? Or is it possible for Web pages to carry the bug hidden within themselves so it can be passed to the MHT files one uses to save  those pages?

        From the zdnet article: ” Because on Windows all MHT files are automatically set to open by default in Internet Explorer, exploiting this vulnerability is trivial, as users only need to double-click on a file they received via email, instant messaging, or another vector.

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        • #483321 Reply
          b
          AskWoody Plus

          Just to be clear, am I correct in thinking that this vulnerability may be exploited when one clicks and opens an MHT file received from some one else, but not when opening a file that oneself has created when saving a Web page as MHT?

          I believe that’s correct.

           

          Or is it possible for Web pages to carry the bug hidden within themselves so it can be passed to the MHT files one uses to save those pages?

          I don’t think so.

           

          From the zdnet article: ” Because on Windows all MHT files are automatically set to open by default in Internet Explorer, exploiting this vulnerability is trivial, as users only need to double-click on a file they received via email, instant messaging, or another vector.

          It’s fairly easy to associate MHT and MHTML files to be opened in a different browser or program, although Windows 10 makes it more cumbersome than it should be. I had one MHT file (from an old Belarc Advisor results page), but you can create a couple of text files, e.g. with Notepad, and name them anything1.MHT then anything2.MHTML; use Open with …, Choose another app, Always use this app to open .mht/.mhtml files, Look for another app on this PC, navigate to Chrome or any Chromium browser (e.g. Edge Dev); then even if a rogue HTM file should be opened, it won’t get anywhere near the flawed IE; my HTM file now opens in Edge.

           

          Windows 10 Pro Version 2004: Group ASAP (Pioneer/Chump)

          2 users thanked author for this post.
      • #484720 Reply
        OscarCP
        AskWoody Plus

        b,

        Thanks. The way you explain how to block MHT files from being opened with IE also should work in Windows 7 and probably in 8.1 (I have 7 Pro).

        The last thing you wrote, I am not entirely clear about:

        Look for another app on this PC, navigate to Chrome or any Chromium browser (e.g. Edge Dev); then even if a rogue HTM file should be opened, it won’t get anywhere near the flawed IE; my HTM file now opens in Edge. ”

        Does this mean that the HTM blocking you explained previously in your message works only for IE, so with Chrome one can still open an HTM file, but: (1) without the fear of any bad consequences caused by a zero-day bug that might be riding on the file, because (2) Chrome is not the bug’s natural habitat, while IE is?

        Windows 7 Professional, SP1, x64 Group W (ex B) & macOS + Linux (Mint)

        • #488716 Reply
          b
          AskWoody Plus

          Yes, the bug is in IE so having Chrome set to open MHT files means they can be clicked safely.

          Windows 10 Pro Version 2004: Group ASAP (Pioneer/Chump)

          2 users thanked author for this post.
    Viewing 3 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: explorer-hack

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.