Cyber Alert: Critical Vulnerability Discovered in Internet Explorer

Author

ACA Aponix

Publish Date

Type

Cyber Alert

Topics
  • Cybersecurity
  1. Insights
  2. Cyber Alert: Critical Vulnerability Discovered in Internet Explorer

On April 10, researchers published information on a critical vulnerability in Microsoft’s Internet Explorer® (IE) browser. This previously unseen, “zero-day” exploit enables attackers to remotely access locally installed program version information, and potentially to exfiltrate user data.

The vulnerability involves IE’s use of .MHT files to store and open content on user systems. Attackers can create a specially made .MHT file that, when opened, opens IE and allows for the injection of malicious commands via XML external entities. Attackers can create .MHT files that subsequently open automatically, without user intervention, or that bypass security warnings that accompany non-malicious .MHT files.

The vulnerability has been tested and shown to exist in the latest version of IE (v11), as well as on IE versions running on Windows 7, Windows 10, and Windows Server 2012 R2. While IE is not the browser of choice for a majority of users, the ability of this vulnerability to function without active IE use heightens its critical danger.

Microsoft has been notified of this vulnerability and has indicated that they will consider a fix for it in future versions of the product. No current fix is available.

ACA Aponix Guidance

ACA Aponix recommends taking the following actions regarding the IE vulnerability:

  • Monitor the Microsoft website for patch updates to this critical issue. Install updates immediately when available.
  • Consider blocking ingress and egress of .MHT files on email gateways and firewalls.
  • Consider disabling IE if not actively in use in the organization. IE can be disabled in Control Panel – Windows Features, or through PowerShell.
  • Inform staff of this vulnerability as relates to personal devices and “bring your own” devices used for work purposes.

How ACA Can Help

ACA Aponix offers the following solutions that can help your firm ensure strong security in light of the IE vulnerability:

If you have any questions, please contact your ACA Aponix consultant or email us at info@acaaponix.com.

Related insights

cyber lock

Critical Vulnerability Detected in Palo Alto Networks' GlobalProtect Gateways

A popular firewall used in the financial industry is under attack due to a critital zero-day vulnerability. Firms that use Palo Alto Networks' firewall need to update their software to protect their systems.

Cyber Alert
  • Cybersecurity
abstract image with a lock and shield

Two Important Cybersecurity Alerts from CISA

The Cybersecurity and Infrastructure Security Agency (CISA) issued two advisories that require impacted firms to take immediate action.

Cyber Alert
  • Cybersecurity
lock

Cybersecurity Benchmarking Survey Lists Top Concerns and Preparedness Among Respondents

Our annual survey in partnership with NSCP reveals that investment firms overlook AI as a cybersecurity risk and remain wary about SEC cybersecurity enforcement and compliance with new rules

Press Release
  • Cybersecurity
  • Cybersecurity Resources
  • ACA News