About a vulnerability in Internet Explorer can be read with the help of prepared MHT files any files of a user. Microsoft does not want to close the zero-day security gap for the time being. Security researcher John Page had discovered the vulnerability and has now published a lack of response from Microsoft. For the time being, Windows users should not open MHT files.
If Web pages are saved locally using Internet Explorer, they are saved as MHTML web archives. These MHT files are opened by default with Internet Explorer, even for users who use Edge, Chrome or Firefox in their Surprise tag. Accordingly, it is sufficient for the attack when a user opens an MHT file – even in current Windows installations with Windows 7 or 10 with Internet Explorer 11.
With prepared MHT files, an error in the handling of XML objects can be exploited, a so-called XXE-gap (XML External Entity). Through this, any files of a Windows system can be read and transferred to a web server.
Microsoft does not want to solve the problem for the time being
The security researchers had the gap according to own data already discovered in March and reported to Microsoft. On April 10, Microsoft sent him the following statement: “We have decided to close the vulnerability in a future release of the product or service, at which time we will not release any ongoing updates on the status of the fix.” We have this case closed.” As a result, Page decided to publish the vulnerability along with proof-of-concept.