Just days ago, it emerged that a zero-day vulnerability that could affect devices running Windows 7, Windows 10 and Windows Server 2012 (R2) could be used to exfiltrate data from affected machines.
According to the report, the flaw was discovered by security researcher John Page, better known by his online alias hyp3rlinx. The attack — dubbed an “XML External Entity attack” or “XXE vulnerability” — could allow the extraction of potentially sensitive data from an affected machine.
In the report, Page details the steps required to successfully exploit Internet Explorer in a process that requires the unwitting victim to manually open a specially crafted malicious ‘.MHT’ file, which could then call a particular JavaScript function to extract private information and (possibly) files from an affected device.
As it stands, Internet Explorer is the only major browser that still supports Java. Moreover, since almost every Windows device released since 2009 ships with Internet Explorer installed, the potential for damage is high.
As of yet, Microsoft has not released a fix for the flaw, but a response dated April 10, 2019, suggested that it may be fixed in a future version of Windows.
Be Your Own Cryptocurrency Bank
With that said, there is a surprisingly large number of cryptocurrency owners that use old computer hardware for cold storage. Should this wallet be connected to the internet on a device with Internet Explorer as the default browser, then this wallet could potentially be extracted by an attacker under the right conditions.
As of yet, crypto-friendly alternative browser Brave has not taken this opportunity to muscle in on Microsoft’s already diminishing territory. That said, we imagine it won’t be long until competitors kick up a fuss about the exploit.
Uninstall Internet Explorer, Edge Users Beware
Since the news broke, Mitja Kolsek from the 0patch team found that the exploit could be further refined. This modified attack could also target Microsoft’s Edge browser while being harder to prevent and potentially much more damaging — with the potential to “extract many local files using a single MHT file.”
For now, it is recommended that users either disable Internet Explorer or completely uninstall the program until a patch is released. If you absolutely must use Internet Explorer, we recommend being extremely wary of MHTML (MHT) files, as opening one of these is a requirement for the attack.
source:
https://beincrypto.com/new-internet-explorer-exploit-could-threaten-your-cryptocurrency-stash/