【The Invited Man (2017) Uncut】-Opportunity Information Network
Latest News:
Big-League Bluster Justin Bieber asks screaming fans to take a chill pill for a second This tweet about Ivanka Trump might be the weirdest of the election Wall of taco trucks wages delicious protest outside of Trump's Vegas hotel NYT Connections hints and answers for May 10: Tips to solve 'Connections' #699. Tiny craft beer pub wants you to get offline and make time for IRL pints Satellite images show Hurricane Matthew's devastating mark on Haiti People can't handle Kevin Durant's Rolling Stone cover outfit Samsung Unpacked stream is set for May 12, 2025 China's LeEco prepares to take over the U.S. with phones, TVs and cars
Current Location: Home > Games > 【The Invited Man (2017) Uncut】

【The Invited Man (2017) Uncut】

2025-06-26 04:52:19 [Digital Culture] Source: Opportunity Information Network

Finally stopped using Internet Explorer?The Invited Man (2017) Uncut Good! But, now it’s time to completely delete it from your computer, too.

Security researcher John Page has discovereda new security flawthat allows hackers to steal Windows users’ data thanks to Internet Explorer. The craziest part: Windows users don’t ever even have to open the now-obsolete web browser for malicious actors to use the exploit. It just needs to exist on their computer.

“Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted .MHT file locally,” writesPage. “This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information.”

Basically, what this means is that hackers are taking advantage of a vulnerability using .MHT files, which is the file format used by Internet Explorer for its web archives. Current web browsers do not use the .MHT format, so when a PC user attempts to access this file Windows opens IE by default.

To initiate the exploit, a user simply needs to open an attachment received by email, messenger, or other file transfer service.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!
SEE ALSO: Microsoft cybersecurity expert: Please, stop using Internet Explorer as a web browser

“[For] example, a request for "c:\Python27\NEWS.txt" can return version information for that program,” Page explains. “Upon opening the malicious '.MHT' file locally it should launch Internet Explorer. Afterwards, user interactions like duplicate tab 'Ctrl+K' and other interactions like right click 'Print Preview' or 'Print' commands on the web-page may also trigger the XXE vulnerability.”

The exploit has been tested using the last version of Internet Explorer, IE 11. It affects Windows 7, Windows 10, and Windows Server 2012 R2 users.

Most worrisome, according to Page, is that Microsoft told him that it would just “consider” a fix in a future update. The security researcher says he contacted Microsoft in March before now going public with the issue.

As ZDNetpoints out, while Internet Explorer usage makes upless than 10 percent of the web browser market, it doesn’t particularly matter in this case as the exploit just requires a user to have the browser on their PC.

Earlier in 2019, Microsoft cybersecurity expert Chris Jackson urged anyone still using Internet Explorer to finally give it up. The company officially discontinued its former flagship web browser in 2015.

Featured Video For You
Windows 10 becomes the most popular desktop OS

Topics Cybersecurity Microsoft Windows

(Editor: {typename type="name"/})

Related Articles
Recommended
Hot Reads
Random

友情链接

接受PR>=1、BR>=1,流量相当,内容相关类链接。