Internet Explorer Used to Exploit Windows MHTML Vulnerability

Posted on Wednesday, March 16, 2011 @ 00:30:37 CET in Security
by Raven

Southern writes:  
A vulnerability in the way Internet Explorer parses MHTML content—a method for combining multiple file types and HTML content into a single file—is now targeting users as part of a "drive-by" browser attack.

It's called that due to the process by which attackers exploit the loophole: They'll create a malicious website, lure a user in, and then force the user's browser to run Javascript code. This code can access information from a user's browser or, worse, entice a user to install additional code that opens up his or her system to additional hacks.

"The end result of this type of vulnerability is script encoded within the link executed in the context of the target document or target web site," write Dave Ross and Chengyun Chu in Microsoft's Security Research & Defense blog.

more: PCMag
click Related        click Share
Associated Topics

News ©

Site Info v2.2.2 ©

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 373,482,275
  • Today: 39,181
Server InfoServer Info
  • Dec 17, 2018
  • 09:11 pm CET