Barney's Blog

Blog archive

IE Hole Explored

Hopefully you learn something new everyday. Today I learned what MHTML is: It is a protocol handler that stands for MIME Encapsulation of Aggregate HTML (who thinks of this stuff?).

So why does MHTML matter? Because hackers can use it to crack IE in a similar fashion as a server-side cross-site-scripting vulnerability.

The attack vector points to a seemingly innocent (but ultimately malicious) link. Click on the puppy and your Windows machine could be running bad code in no time.

Experts are generally unconcerned, thinking this kind of attack is too complicated for the garden variety (read dense) hacker. Nonetheless, Microsoft is checking it out and already has a workaround -- simply block MHTML scripting. Hey, I could have thought of that!

Posted by Doug Barney on 01/31/2011 at 1:18 PM


comments powered by Disqus

Subscribe on YouTube