News, tips, advice, support for Windows, Office, PCs & more. Tech help. No bull. We're community supported by donations from our Plus Members, and proud of it
Home icon Home icon Home icon Email icon RSS icon
  • explorer-hack

    This topic contains 5 replies, has 3 voices, and was last updated by

     b 1 day, 11 hours ago.

    • Author
      Posts
    • #424604 Reply

      wavy
      AskWoody Plus

      https://mashable.com/article/internet-explorer-hacker-windows-pc-exploit/

      Yet another reason to be cautious when opening attachments.

      BTW I did not see a security branch for the forums here, this seemed the most relevant one. If I missed something please let me know. I am still used to the wonderful categorizations (and presentations of) that WS used…

      🍻

      Just because you don't know where you are going doesn't mean any road will get you there.
    • #427773 Reply

      b
      AskWoody Plus

      https://mashable.com/article/internet-explorer-hacker-windows-pc-exploit/

      Yet another reason to be cautious when opening attachments.

      This Internet Explorer zero-day was discussed in five posts starting here on Friday:

      P.S. Do Not use Internet Explorer, new Zero Day attack:

      My understanding is that IE only has to be installed (not used) to be vulnerable, but an exploit could only obtain contents of a file with a known or guessed name.

       

      BTW I did not see a security branch for the forums here, this seemed the most relevant one. If I missed something please let me know. I am still used to the wonderful categorizations (and presentations of) that WS used…

      There is a Code Red – Security/Privacy advisories forum: “It’s a big, bad world out there. Here’s what you need to know about recently discovered security problems, both with Windows and in the computing community at large.

       

      Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Finger sharpener" (Group ASAP) WX1903

      2 users thanked author for this post.
    • #481439 Reply

      OscarCP
      AskWoody Plus

      Just to be clear, am I correct in thinking that this vulnerability may be exploited when one clicks and opens an MHT file received from some one else, but not when opening a file that oneself has created when saving a Web page as MHT? Or is it possible for Web pages to carry the bug hidden within themselves so it can be passed to the MHT files one uses to save  those pages?

      From the zdnet article: ” Because on Windows all MHT files are automatically set to open by default in Internet Explorer, exploiting this vulnerability is trivial, as users only need to double-click on a file they received via email, instant messaging, or another vector.

      • #483321 Reply

        b
        AskWoody Plus

        Just to be clear, am I correct in thinking that this vulnerability may be exploited when one clicks and opens an MHT file received from some one else, but not when opening a file that oneself has created when saving a Web page as MHT?

        I believe that’s correct.

         

        Or is it possible for Web pages to carry the bug hidden within themselves so it can be passed to the MHT files one uses to save those pages?

        I don’t think so.

         

        From the zdnet article: ” Because on Windows all MHT files are automatically set to open by default in Internet Explorer, exploiting this vulnerability is trivial, as users only need to double-click on a file they received via email, instant messaging, or another vector. “

        It’s fairly easy to associate MHT and MHTML files to be opened in a different browser or program, although Windows 10 makes it more cumbersome than it should be. I had one MHT file (from an old Belarc Advisor results page), but you can create a couple of text files, e.g. with Notepad, and name them anything1.MHT then anything2.MHTML; use Open with …, Choose another app, Always use this app to open .mht/.mhtml files, Look for another app on this PC, navigate to Chrome or any Chromium browser (e.g. Edge Dev); then even if a rogue HTM file should be opened, it won’t get anywhere near the flawed IE; my HTM file now opens in Edge.

         

        Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Finger sharpener" (Group ASAP) WX1903

        2 users thanked author for this post.
    • #484720 Reply

      OscarCP
      AskWoody Plus

      b,

      Thanks. The way you explain how to block MHT files from being opened with IE also should work in Windows 7 and probably in 8.1 (I have 7 Pro).

      The last thing you wrote, I am not entirely clear about:

      Look for another app on this PC, navigate to Chrome or any Chromium browser (e.g. Edge Dev); then even if a rogue HTM file should be opened, it won’t get anywhere near the flawed IE; my HTM file now opens in Edge. ”

      Does this mean that the HTM blocking you explained previously in your message works only for IE, so with Chrome one can still open an HTM file, but: (1) without the fear of any bad consequences caused by a zero-day bug that might be riding on the file, because (2) Chrome is not the bug’s natural habitat, while IE is?

      • #488716 Reply

        b
        AskWoody Plus

        Yes, the bug is in IE so having Chrome set to open MHT files means they can be clicked safely.

        Cannon fodder Chump Daft glutton Idiot Sucker More intrepid Crazy/ignorant Toxic drinker Saluted blockhead "Finger sharpener" (Group ASAP) WX1903

        2 users thanked author for this post.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: explorer-hack

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information:


    Comments are closed.