Internet Explorer flaw leaves Windows users vulnerable to hackers

[Firefox]

Internet Explorer flaw leaves Windows users vulnerable to hackers -- even those who don't use the browser

A zero-day exploit found in Internet Explorer means hackers could steal files from Windows users. What's particularly interesting about this security flaw is that you don't even need to be an Internet Explorer user to be vulnerable.

A security researcher has revealed details of an unpatched exploit in the way IE handles MHT files, and the problem affects Windows 7, Windows 10 and Windows Server 2012 R2. It leaves users vulnerable not only to having their files stolen by hackers, but also means they could be spied upon.

FULL STORY/Source: https://betanews.com/2019/04/15/internet-explorer-mht-vulnerability/

[exile360]

Well joy.  Thankfully the only .MHT files I ever open are ones I created myself by downloading webpages (like for tutorials and the like) and I also have all print functions disabled, both for security reasons and because I don't use any printers (physical or virtual) so the Print Spooler service is disabled on my system, breaking internet printing and the like.

That said, I did go ahead an re-associate .MHT files with MS Word instead of IE (since Word will block any scripting embedded in any such file it opens by default, thus breaking any javascript based exploits and the like that might be used to take advantage of this vulnerability).

Either way, I do hope MS gets around to patching it even if they plan to abandon IE as it still remains my favorite browser by far.

[Amaroq_Starwind]

How do you re-associate stuff using command-line?

[exile360]

It's all stored in the registry, so to do that through the command line you could just use reg.exe.