SOLVED Another Zero Day Exploit for IE

Trouble · Apr 15, 2019

Again another phishing exploit from files sent to potential victims in emails, messaging apps and other vectors.

Microsoft was notified but declined to patch
Page said he notified Microsoft about this new IE vulnerability on March 27, but the vendor declined to consider the bug for an urgent security fix in a message sent to the researcher yesterday, April 10.
"We determined that a fix for this issue will be considered in a future version of this product or service," Microsoft said, according to Page. "At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case."

SOURCE: https://www.zdnet.com/article/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs/
So.... as always, be very careful when opening files sent to you by anyone, even those you would normally trust.
NOTE: The important take away should be that you don't have to use Internet Explorer, it just has to be present on your machine which of course if the case with any Windows OS. Internet Explorer is the default program used to open the malicious .MHT files.

davehc · Apr 15, 2019

Tks, Trouble

Trouble · Apr 15, 2019

Have to wonder.... when MS is gonna cut IE completely out of the Windows OS.
OR
At least give us an option to disassociate it from any default file function(s).

The first thing I did was try to change the default program for opening .MHT files. IE was the only option.
Just an option to "Always ask" would give me some peace of mind.

Bighorn · Apr 16, 2019

Hmm, seems the .mht format is controlled to the same extent as the .pub/Publisher format, nothing else works. And we won't even talk about .pst/.ost of Outlook.

Trouble · Apr 17, 2019

Been hearing some things about a software product called Scribus https://www.scribus.net/
Which according to some reports, the latest version will work with Publisher ( .pub ) files.
IDK, I've never tried it but it might be worth looking into.

Bighorn · Apr 17, 2019

Looks like I'm going to have to try Scribus. It appears also to be cross-platform with Linux.

Trouble · Apr 17, 2019

Great.... let us know.
Often, some elements will not cross over (borders, some fonts, complex shapes, etc.)
So if this Scribus thingy works out, it'd be nice to know.
Just in case I ever decide to drop my 365 subscription.

Another Windows 10 disaster as Free Solitare dsappears and I go Apple.	35	Mar 5, 2019
SOLVED File explorer not responding in one account but not another	6	Mar 1, 2019
Can't type password and another thing	1	Jun 11, 2018
Trying to open this file from another computer was unsuccessful.	2	May 24, 2018
Windows defender with another AV	23	Apr 30, 2018
SOLVED Another startup program problem.	11	Apr 7, 2018
Another pass along...	6	Jan 4, 2018
How do I move EFI System Partition from a partition at higher offset to another	1	Jan 1, 2018

SOLVED Another Zero Day Exploit for IE

Trouble

Noob Whisperer

davehc

Trouble

Noob Whisperer

Bighorn

Trouble

Noob Whisperer

Bighorn

Trouble

Noob Whisperer

Ask a Question

Similar Threads