There were already a number of reasons to not use Internet Explorer. But if you needed another one, here it is.
The zero-day exploit itself lies within Internet Explorer’s use of MHT files when users save webpages. But the file-stealing vulnerability isn’t necessarily in the saving of webpages in this format; as Page notes, it’s in the opening of MHT files:
“Internet Explorer is vulnerable to XML External Entity attack if a user opens a specially crafted .MHT file locally.This can allow remote attackers to potentially exfiltrate Local files and conduct remote reconnaissance on locally installed Program version information. Example, a request for “c:\Python27\NEWS.txt” can return version information for that program.”
And as, ZDNet notes, even if you don’t use Internet Explorer as your main browser, your PC could still be vulnerable to this specific zero-day attack if you still have Internet Explorer installed and you open an MHT file. This is because MHT files are still opened by Internet Explorer by default on Windows PCs.
Page published the evidence (including a YouTube video and proof-of-concept code) online on April 12 and has claimed that not only did Microsoft know about the vulnerability, but that the technology company opted to not patch it when he notified them about it on March 27.
According to Page’s post, Microsoft replied to his message on April 10 with the following response:
“We determined that a fix for this issue will be considered in a future version of this product or service. At this time, we will not be providing ongoing updates of the status of the fix for this issue, and we have closed this case.”
While there isn’t a patch for this zero-day exploit, it’s still worth mentioning that Page was able to confirm that the exploit works on Internet Explorer 11 on the following Windows systems: Windows 10, Windows 7, and Windows Server 2012 R2.
In general, though, as you would with files from unknown senders, you should exercise caution when opening MHT files regardless of your operating systems, since, as ZDNet notes, MHT files have a history of being used to transmit malware.