EVGA

New IE zero day attack April 2019

Author
Cool GTX
EVGA Forum Moderator
  • Total Posts : 30991
  • Reward points : 0
  • Joined: 2010/12/12 14:22:25
  • Location: Folding for the Greater Good
  • Status: offline
  • Ribbons : 122
2019/04/18 07:03:24 (permalink)

Internet Explorer zero-day lets hackers steal files from Windows PCs
 
The New IE exploit does Not require you to have IE running ---> Just Installed in your PC.  There are MHT file sharing attributes that would allow rogue access of your PC if a Hacker had access to your PC. 

(MHT stands for MHTML Web Archive and is the default standard in which all IE browsers save web pages when a user hits the CTRL+S)

MS is Not going to make a patch at this time - maybe the next update cycle they will offer some protection
 
 
 
What Can you Do ?

Best thing to do Now to protect against the zero-day exploit of Internet Explorer that makes Windows vulnerable:
1) uninstall Internet Explorer

2) If you're not willing to uninstall IE, then at a minimum ---> change the default app that opens .mht and .mhtml files.

Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members

I am a Volunteer Moderator - not an EVGA employee

https://foldingathome.org -->become a citizen scientist and contribute your compute power to help fight global health threats

RTX Project EVGA X99 FTWK Nibbler EVGA X99 Classified EVGA 3080Ti FTW3 Ultra


#1


    Sajin
    EVGA Forum Moderator
    • Total Posts : 49167
    • Reward points : 0
    • Joined: 2010/06/07 21:11:51
    • Location: Texas, USA.
    • Status: offline
    • Ribbons : 199
    Re: New IE zero day attack April 2019 2019/04/18 10:58:39 (permalink)
    Uninstalled.
    #2
    XrayMan
    Insert Custom Title Here
    • Total Posts : 73000
    • Reward points : 0
    • Joined: 2006/12/14 22:10:06
    • Location: Santa Clarita, Ca.
    • Status: offline
    • Ribbons : 115
    Re: New IE zero day attack April 2019 2019/04/18 21:10:22 (permalink)
     
    I'll keep using Edge then.

    #3
    MasterMiner
    SSC Member
    • Total Posts : 713
    • Reward points : 0
    • Joined: 2018/01/25 21:39:33
    • Status: offline
    • Ribbons : 2
    Re: New IE zero day attack April 2019 2019/04/19 05:42:52 (permalink)
    Ugly, I need it for my software signing key. Not much reassurance there...

    I used to mine. Now I compute.
    #4
    EyeDeeNo
    SSC Member
    • Total Posts : 670
    • Reward points : 0
    • Joined: 2017/01/12 09:15:18
    • Location: 97km north of New York City
    • Status: offline
    • Ribbons : 12
    Re: New IE zero day attack April 2019 2019/04/19 07:47:30 (permalink)
    IE11 is still on my system and will remain there because I am not convinced this External Entity security flaw/oversight poses a big enough risk. Edit: Really never engage in the activity that would potentially start the set of events to put my system at risk by this.
     
    Exploitation is possible when users open a specially-crafted MHT file that was downloaded with Microsoft's Edge browser. This type of files are MHTML Web Archives, the default format Internet Explorer (IE) uses to save web pages. IE is also the default program to open them in Windows operating system.  
    Mitja Kolsek of ACROS Security analyzed the problem and determined that its origin is in "an undocumented security feature" in Edge that interferes with Internet Explorer's capability to read correctly the mark of the web (MOTW) flag applied to files downloaded from the web.
    Until Microsoft releases a fix for this vulnerability, a micropatch is available through the 0Patch platform. It applies error checking routines that allow Internet Explorer to correctly interpret the mark of the web flag Edge sets for downloaded files.
    post edited by EyeDeeNo - 2019/04/19 07:54:03

    Lenovo 710-25ISH IdeaCentre with an Intel Core i5-6400 ~ Win10 Home 64-Bit 21H2
    Lenovo 3642 Motherboard Intel H170 Chipset ~ BIOS FWKTA7A 11/7/2019
    FSP Group FSP250-30AGBAA 250w 80 Plus Bronze
    EVGA 04G-P4-6251-KR GeForce GTX 1050 Ti Gaming VBIOS 86.07.22.00.50 ~ Precision XOC 6.0.9 ~ Game Ready 516.59
    G.SKILL F4-2400C15Q-4GNT Value DDR4 4x4GB Kit
    Crucial CT1000MX500SSD1 MX500 SSD 1TB Firmware M3CR043 (Sabrent BK-PCBS) + Seagate ST2000DM008-2FR102 Barracuda HDD 2TB
    Pioneer BDR-209UBK Blu-ray Burner ~ Firmware 1.54 10/7/2020
    AOC E2475SWQE 23.6'' 1ms TN 1080p 60Hz Monitor via Athena CLH-DP0612MM28 DP + Samsung UN32J5500AF 31.5'' TV via Belkin F8V3311B15 HDMI
    Creative GigaWorks
    #5
    MasterMiner
    SSC Member
    • Total Posts : 713
    • Reward points : 0
    • Joined: 2018/01/25 21:39:33
    • Status: offline
    • Ribbons : 2
    Re: New IE zero day attack April 2019 2019/04/19 10:06:06 (permalink)
    The good news from msft just keeps coming

    I used to mine. Now I compute.
    #6
    Nozler
    CLASSIFIED Member
    • Total Posts : 2043
    • Reward points : 0
    • Joined: 2009/10/28 10:51:49
    • Location: Ottertail county,Minnesota,USA
    • Status: offline
    • Ribbons : 1
    Re: New IE zero day attack April 2019 2019/04/20 09:19:55 (permalink)
    Uninstalled thanks for the heads up
     
    #7
    bill1024
    Omnipotent Enthusiast
    • Total Posts : 11089
    • Reward points : 0
    • Joined: 2008/10/18 01:01:10
    • Status: offline
    • Ribbons : 65
    Re: New IE zero day attack April 2019 2019/04/20 16:11:38 (permalink)
    Cool GTX
    New IE zero day attack April 2019

    Internet Explorer zero-day lets hackers steal files from Windows PCs
     
    The New IE exploit does Not require you to have IE running ---> Just Installed in your PC.  There are MHT file sharing attributes that would allow rogue access of your PC if a Hacker had access to your PC. 

    (MHT stands for MHTML Web Archive and is the default standard in which all IE browsers save web pages when a user hits the CTRL+S)

    MS is Not going to make a patch at this time - maybe the next update cycle they will offer some protection
     
     
     
    What Can you Do ?

    Best thing to do Now to protect against the zero-day exploit of Internet Explorer that makes Windows vulnerable:
    1) uninstall Internet Explorer

    2) If you're not willing to uninstall IE, then at a minimum ---> change the default app that opens .mht and .mhtml files.


    I am not a software or security expert, but there is something bothering me about this. I highlighted this statement.
    "There are MHT file sharing attributes that would allow rogue access of your PC if a Hacker had access to your PC. "
     
    Seems to me they are saying it is a problem IF a hacker had access to your PC.
    So what? Don't you think you already have a major problem if a hacker has access to your PC?
    The hacker already has access, the door is open, he is in and has access. 
    Is it not too late to delete internet explorer?
    I think FireFox put this out to get you to change over from IE, or MS just wants you to use their newer browser.  
     
     
     
     
     
     

     Life is too short to carry a cheap pocket knife

       
     
    #8
    ty_ger07
    Insert Custom Title Here
    • Total Posts : 21171
    • Reward points : 0
    • Joined: 2008/04/10 23:48:15
    • Location: traveler
    • Status: offline
    • Ribbons : 270
    Re: New IE zero day attack April 2019 2019/04/20 17:13:38 (permalink)
    bill1024 
    Seems to me they are saying it is a problem IF a hacker had access to your PC.
    So what? Don't you think you already have a major problem if a hacker has access to your PC?
    The hacker already has access, the door is open, he is in and has access. 
    Is it not too late to delete internet explorer?
    I think FireFox put this out to get you to change over from IE, or MS just wants you to use their newer browser.  


    The description of 'access' is poor.

    "Access" is as vague as convincing someone to open the email you sent to them.


    Because on Windows all MHT files are automatically set to open by default in Internet Explorer, exploiting this vulnerability is trivial, as users only need to double-click on a file they received via email, instant messaging, or another vector.

    ASRock Z77 • Intel Core i7 3770K • EVGA GTX 1080 • Samsung 850 Pro • Seasonic PRIME 600W Titanium
    My EVGA Score: 1546 • Zero Associates Points • I don't shill

    #9
    mike406
    SSC Member
    • Total Posts : 904
    • Reward points : 0
    • Joined: 2015/02/21 18:17:33
    • Status: offline
    • Ribbons : 13
    Re: New IE zero day attack April 2019 2019/04/20 17:52:07 (permalink)
    bill1024
    Cool GTX
    New IE zero day attack April 2019

    Internet Explorer zero-day lets hackers steal files from Windows PCs
     
    The New IE exploit does Not require you to have IE running ---> Just Installed in your PC.  There are MHT file sharing attributes that would allow rogue access of your PC if a Hacker had access to your PC. 

    (MHT stands for MHTML Web Archive and is the default standard in which all IE browsers save web pages when a user hits the CTRL+S)

    MS is Not going to make a patch at this time - maybe the next update cycle they will offer some protection
     
     
     
    What Can you Do ?

    Best thing to do Now to protect against the zero-day exploit of Internet Explorer that makes Windows vulnerable:
    1) uninstall Internet Explorer

    2) If you're not willing to uninstall IE, then at a minimum ---> change the default app that opens .mht and .mhtml files.


    I am not a software or security expert, but there is something bothering me about this. I highlighted this statement.
    "There are MHT file sharing attributes that would allow rogue access of your PC if a Hacker had access to your PC. "
     
    Seems to me they are saying it is a problem IF a hacker had access to your PC.
    So what? Don't you think you already have a major problem if a hacker has access to your PC?
    The hacker already has access, the door is open, he is in and has access. 
    Is it not too late to delete internet explorer?
    I think FireFox put this out to get you to change over from IE, or MS just wants you to use their newer browser.  
     
     
     
     
     
     




    You're quoting something OP said himself. That phrasing is not present in the article. All someone needs to do is send a malicious MHT file through email or IM and if you open it, that's it.





    #10
    Nereus
    Captain Goodvibes
    • Total Posts : 18923
    • Reward points : 0
    • Joined: 2009/04/09 20:05:53
    • Location: Brooklyn, NYC.
    • Status: offline
    • Ribbons : 58
    Re: New IE zero day attack April 2019 2019/04/25 23:59:02 (permalink)
     
    Microsoft's devious plan to force people onto MS Edge: poison pill IE.
     
    Sadly, I wouldn't put it past them...
     
     


      BUILD 1 2   |   MINI-ITX BUILD   |   MODSRIGS $1K WIN   |   HEATWARE 111-0-0   |   ASSOCIATE CODE CSKKXUT5Q9GVAFR

    #11
    wmmills
    CLASSIFIED ULTRA Member
    • Total Posts : 5679
    • Reward points : 0
    • Joined: 2006/01/04 20:47:29
    • Location: New Jersey
    • Status: offline
    • Ribbons : 40
    Re: New IE zero day attack April 2019 2019/04/26 04:21:44 (permalink)
    "The vulnerability resides in the way Internet Explorer processes MHT files. MHT stands for MHTML Web Archive and is the default standard in which all IE browsers save web pages when a user hits the CTRL+S (Save web page) command."
    OK, so you have to be saving web pages, I guess to make them load faster... not sure why else you'd do that, by using the ctrl + s command, which I'm pretty sure I haven't done anything like that since about 1998, lol, but hey I suppose it could happen. I don't save history of my searching/pages by default on any browser anyway so I think between that and not hitting ctrl + s you're good. No wonder MS doesn't care... kinda a very obscure chance anyone would randomly set up the chance for this to happen in such a very unique sequence.

    MOBO: EVGA x299 Dark, CPU: I9 10900X, RAM: Patriot Viper RGB 3600 32gb, SSD: Samsung 860 EVO 1TB, M2: Samsung 970 EVO+ 1TB, PSU: CoolerMaster M2 1500, CPU HSF: EVGA 240 CLC HSF~ P/P EK Furious Vardar, G-CARD:EVGA RTX3090 FTW3 Ultra Gaming w/Hybrid kit and Noctua IPPC 3000 P/P, CASE: LIAN-LI PC-V2010B w/ Window mod, OS: Windows 10 Pro 64bit, MON: Alienware AW3821DW

    #12
    Cool GTX
    EVGA Forum Moderator
    • Total Posts : 30991
    • Reward points : 0
    • Joined: 2010/12/12 14:22:25
    • Location: Folding for the Greater Good
    • Status: offline
    • Ribbons : 122
    Re: New IE zero day attack April 2019 2019/04/26 13:05:56 (permalink)
    More troubling is the Risk exists even if you are not using IE - just having it installed - IE does Not have to be open or in use
     
    The advice is simple enough:  If you're not willing to uninstall IE, then at a minimum ---> change the default app that opens .mht and .mhtml files
     
    Like any security risk, it is up to the end user to evaluate their situation & risk tolerance

    Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members

    I am a Volunteer Moderator - not an EVGA employee

    https://foldingathome.org -->become a citizen scientist and contribute your compute power to help fight global health threats

    RTX Project EVGA X99 FTWK Nibbler EVGA X99 Classified EVGA 3080Ti FTW3 Ultra


    #13
    Nereus
    Captain Goodvibes
    • Total Posts : 18923
    • Reward points : 0
    • Joined: 2009/04/09 20:05:53
    • Location: Brooklyn, NYC.
    • Status: offline
    • Ribbons : 58
    Re: New IE zero day attack April 2019 2019/04/26 15:02:30 (permalink)
     
    FYI, some may not realize you have IE installed - it's installed automatically with Windows 10, even though MS Edge is used as default.
    To get rid of it:
    • Open control panel
    • Select 'programs'
    • Select 'turn Windows features on or off'
    • Uncheck 'Internet Explorer 11' from the list
    • Click 'OK'
    • Click 'yes' on the warning about removing IE11
    • Restart (you should get prompted to do this)
    • Relax.

     


      BUILD 1 2   |   MINI-ITX BUILD   |   MODSRIGS $1K WIN   |   HEATWARE 111-0-0   |   ASSOCIATE CODE CSKKXUT5Q9GVAFR

    #14
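
The two mitigations discussed in this thread (removing the IE 11 optional feature, or at least moving .mht/.mhtml away from IE) and the mark-of-the-web flag mentioned in post #5 can be checked from PowerShell. The script below is an added example, not part of any post; it assumes Windows 10, an elevated prompt and the default Downloads folder, and it only reports.

```powershell
# Added example (not from the thread). Read-only audit; run from an elevated prompt.

# 1) State of the IE 11 optional feature (what the Control Panel checkbox toggles).
$arch = if ([Environment]::Is64BitOperatingSystem) { 'amd64' } else { 'x86' }
$featureName = "Internet-Explorer-Optional-$arch"
$ie = Get-WindowsOptionalFeature -Online -FeatureName $featureName -ErrorAction SilentlyContinue
if ($null -eq $ie) {
    Write-Output "Feature '$featureName' is not listed on this system."
} else {
    Write-Output "IE 11 feature state: $($ie.State)"
    # To remove it instead of only reporting:
    # Disable-WindowsOptionalFeature -Online -FeatureName $featureName -NoRestart
}

# 2) Which program a double-click on .mht / .mhtml would start.
function Get-EffectiveHandler {
    param([Parameter(Mandatory)][string]$Extension)
    # A per-user choice made in Settings wins over the machine-wide association.
    $uc = "HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\$Extension\UserChoice"
    $progId = (Get-ItemProperty -Path $uc -ErrorAction SilentlyContinue).ProgId
    $source = 'user choice'
    if (-not $progId) {
        $progId = (Get-ItemProperty -Path "Registry::HKEY_CLASSES_ROOT\$Extension" -ErrorAction SilentlyContinue).'(default)'
        $source = 'system default'
    }
    $cmd = $null
    if ($progId) {
        $key = "Registry::HKEY_CLASSES_ROOT\$progId\shell\open\command"
        $cmd = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).'(default)'
    }
    [pscustomobject]@{
        Extension = $Extension; ProgId = $progId; Source = $source; Command = $cmd
        OpensInIE = [bool]($cmd -match 'iexplore\.exe')   # heuristic on the open command
    }
}
'.mht', '.mhtml' | ForEach-Object { Get-EffectiveHandler -Extension $_ } | Format-List

# 3) Saved web archives in Downloads and their mark-of-the-web zone (ZoneId=3 is Internet).
Get-ChildItem -Path "$env:USERPROFILE\Downloads" -Include *.mht, *.mhtml -Recurse -File -ErrorAction SilentlyContinue |
    ForEach-Object {
        # The mark of the web lives in the Zone.Identifier alternate data stream.
        $ads = Get-Content -LiteralPath $_.FullName -Stream Zone.Identifier -ErrorAction SilentlyContinue
        $zone = 'none'
        if ("$ads" -match 'ZoneId=(\d+)') { $zone = $Matches[1] }
        [pscustomobject]@{ File = $_.FullName; ZoneId = $zone }
    } | Format-Table -AutoSize
```

If `OpensInIE` is true for either extension, change the default under Settings > Apps > Default apps > Choose default apps by file type; Windows 10 protects the `UserChoice` key with a hash, so writing it directly from a script is not a reliable way to change the association.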
    flyinion
    CLASSIFIED Member
    • Total Posts : 2275
    • Reward points : 0
    • Joined: 2007/03/27 12:17:04
    • Location: California
    • Status: offline
    • Ribbons : 8
    Re: New IE zero day attack April 2019 2019/04/26 15:08:36 (permalink)
    Wait, they actually let you remove IE?  How did I not know that?  I mean, I knew Edge was their default in Win10 but still, I thought IE was baked in as a legacy item and didn't realize it could be removed like that.  Guess I know what I'm doing tonight.  I'm unlikely to download anything that would allow the compromise, but I also never use IE at home so there's not really a reason to have it installed either.

    AMD Ryzen 5950X | Asus Crosshair VIII Hero | Gigabyte Gaming OC 4090 w/EK Vector2 | GSkill Trident Z Neo 2x16GB DDR4-3600 | WD SN850 2TB | Samsung 970 EVO Plus 500GB & 860 Evo 2TB | Phanteks Enthoo 719 | Seasonic Prime Ultra Gold 1000W | Steelseries M750 TKL | SteelSeries Prime Wireless | SteelSeries Arctis Pro + GameDAC | Kanto YU2 + Yamaha sub | Schiit Magni 2 Uber & Modi 2 Uber | LG 34GN850 | Asus PG279Q | Win 11 Pro | Custom water loop
    #15
    Nereus
    Captain Goodvibes
    • Total Posts : 18923
    • Reward points : 0
    • Joined: 2009/04/09 20:05:53
    • Location: Brooklyn, NYC.
    • Status: offline
    • Ribbons : 58
    Re: New IE zero day attack April 2019 2019/04/26 15:09:45 (permalink)
    flyinion
    Wait, they actually let you remove IE?  How did I not know that?  I mean, I knew Edge was their default in Win10 but still, I thought IE was baked in as a legacy item and didn't realize it could be removed like that.  Guess I know what I'm doing tonight.  I'm unlikely to download anything that would allow the compromise, but I also never use IE at home so there's not really a reason to have it installed either.

       you can remove Windows media player there too, among other things.
     
     
    post edited by Nereus - 2019/04/26 15:12:36


      BUILD 1 2   |   MINI-ITX BUILD   |   MODSRIGS $1K WIN   |   HEATWARE 111-0-0   |   ASSOCIATE CODE CSKKXUT5Q9GVAFR

    #16
    flyinion
    CLASSIFIED Member
    • Total Posts : 2275
    • Reward points : 0
    • Joined: 2007/03/27 12:17:04
    • Location: California
    • Status: offline
    • Ribbons : 8
    Re: New IE zero day attack April 2019 2019/04/26 15:50:02 (permalink)
    Nereus
     
      you can remove Windows media player there too, among other things.
     
     




    You'd think I'd have noticed too, I was just in there a couple weeks ago to install Hyper-V.

    AMD Ryzen 5950X | Asus Crosshair VIII Hero | Gigabyte Gaming OC 4090 w/EK Vector2 | GSkill Trident Z Neo 2x16GB DDR4-3600 | WD SN850 2TB | Samsung 970 EVO Plus 500GB & 860 Evo 2TB | Phanteks Enthoo 719 | Seasonic Prime Ultra Gold 1000W | Steelseries M750 TKL | SteelSeries Prime Wireless | SteelSeries Arctis Pro + GameDAC | Kanto YU2 + Yamaha sub | Schiit Magni 2 Uber & Modi 2 Uber | LG 34GN850 | Asus PG279Q | Win 11 Pro | Custom water loop
    #17
    Neutro
    iCX Member
    • Total Posts : 436
    • Reward points : 0
    • Joined: 2018/07/19 15:31:31
    • Location: France
    • Status: offline
    • Ribbons : 12
    Re: New IE zero day attack April 2019 2019/04/26 16:02:39 (permalink)
    Thank you for the information Cool 

    9900k / EVGA Z370 FTW / 4070 FE / Corsair DDR4 3200 Mhz 16GB / Phanteks P600S / EVGA Supernova 1200 P2 / WD SN850 1 TB / Asus PG248Q - pix
    #18
    mike406
    SSC Member
    • Total Posts : 904
    • Reward points : 0
    • Joined: 2015/02/21 18:17:33
    • Status: offline
    • Ribbons : 13
    Re: New IE zero day attack April 2019 2019/04/27 19:31:42 (permalink)
    For some reason, I don't have Internet Explorer in that list, but yet it's installed...





    #19