Microsoft Corporation

Internet Explorer exploit is letting hackers steal your data


A security researcher has discovered a new vulnerability in Internet Explorer that is allowing hackers to steal your data.


John Page (aka hyp3rlinx ), has revealed a new security flaw in V11 of Internet Explorer that potentially allows attackers to access your computer's local files and spy on you remotely.


The most troubling part of this discovery is that you don't even need to run the browser in order to expose your computer to this flaw.


"Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted .MHT file locally."


According to the original report, Microsoft was notified of the vulnerability on 27 March, but has declined to release an urgent fix for the problem stating:


Although data shows a steady decline in Internet Explorer use, all Windows users are still vulnerable if the browser is installed on their machine.






Powered by Blogger.