IE browser flaw could affect all Windows users

Written by:
Lucie Sadler
Date Posted:
18 April 2019
Tech News

All Windows OS users could be at risk of Internet Explorer flaw

Internet Explorer
Nearly four years after Microsoft replaced their internet browser with Microsoft Edge, a flaw has been found in the now discontinued Internet Explorer (IE). The browser flaw could put all Windows users at risk, even if they have long forgotten IE and were unaware that it was installed on their PC.

The browser flaw could allow hackers to steal files and data from Windows systems, even if the browser is no longer in use. Windows users don’t even have to open the now obsolete web browser, it just needs to exist on their PC for the hackers to strike.

Security flaws were often found with IE, which was one of the major reasons why it was replaced with the more secure Microsoft Edge in 2015. Last week Security Researcher John Page found a security flaw with opening MHT files on Windows OS.

MHT files
The flaw is determined by the way that IE processes MHT files – a default standard in which all IE browsers save web pages when a user hits CTRL+ S to save a web page. Newer browsers don’t save web pages in MHT format anymore and use the standard HTML file format, but some browsers still support the MHT format and open files of this type using this browser by default.

If a hacker were to send a malicious file extension as a downloadable link or email attachment, then IE would be the default application to open this on Windows (if it is still installed on the PC). Hackers would be able to take advantage of the vulnerability using. MHT files and gain access to users’ files and data.

The exploit has been tested using the last version of Internet Explorer, IE 11. It affects Windows 7, Windows 10, and Windows Server 2012 R2 users. Microsoft was notified of the flaw but declined to patch the issue, so the Security Researcher released the exploit code online. This comes after Microsoft cybersecurity expert Chris Jackson urged anyone still using IE to stop doing so in February 2019. There may be further updates on this flaw, so check recent news articles for more information.

How to delete IE on Windows 10
Press Windows key + R to open ‘Run’ box
Type ‘appwiz.cpl’ and select ok
In the ‘programs and features’ box select ‘turn Windows features on or off’ on the left-hand side
Find the entry for Internet Explorer and clear the check box
Select OK
Restart your computer

We recommend the following immediate actions: deleting IE from your machine using the above method, using a secure browser (Chrome, Firefox) , always running system updates, and using proactive antivirus software.

Rating: 5.0/5. From 1 vote.
Please wait...

Find out why Safestore adopted Hyve as their hosting provider

Case Studies

Hyve are 100% carbon neutral. We use carbon offsetting to balance out the release of carbon dioxide from our offices and infrastructure.