Southern writes:A vulnerability in the way Internet Explorer parses MHTML content—a method for combining multiple file types and HTML content into a single file—is now targeting users as part of a "drive-by" browser attack.
It's called that due to the process by which attackers exploit the loophole: They'll create a malicious website, lure a user in, and then force the user's browser to run Javascript code. This code can access information from a user's browser or, worse, entice a user to install additional code that opens up his or her system to additional hacks.
"The end result of this type of vulnerability is script encoded within the link executed in the context of the target document or target web site," write Dave Ross and Chengyun Chu in Microsoft's Security Research & Defense blog.
more: PCMag
Internet Explorer Used to Exploit Windows MHTML VulnerabilityPosted on Wednesday, March 16, 2011 @ 00:30:37 CDT in Security Associated Topics
 |
Related
![[Valid RSS]](https://www.ravenphpscripts.com/images/valid-rss.png "Validate my RSS feed"){kind=small}
