Security News > 2021 > February > Internet Explorer 11 zero-day vulnerability gets a free micropatch

Internet Explorer 11 zero-day vulnerability gets a free micropatch
2021-02-11 19:34

An Internet Explorer 11 zero-day vulnerability used against security researchers, not yet fixed by Microsoft, today received a micropatch that prevents exploitation.

An MHT file, or MIME HTML, is a special file format used by Internet Explorer to store a web page and its resources in a single archive file.

When an MHT file is launched, Windows will automatically use Internet Explorer to open the file as it is configured as the default file handler.

At this time, Microsoft has not publicly acknowledged the Internet Explorer zero-day or assigned a CVE identifier to the vulnerability.

Today, 0Patch announced that they have begun to push out a micropatch for the Internet Explorer 11 vulnerability as it was actively used in attacks.

Windows 7 w/o ESU. Windows Server 2008 R2 w/o ESU. "Internet Explorer is inherently present in all large organizations, and a vulnerability like this can very efficiently be used in an external or internal attack to compromise users' workstations. We'd certainly use it in a penetration test," Kolsek told BleepingComputer.


News URL

https://www.bleepingcomputer.com/news/security/internet-explorer-11-zero-day-vulnerability-gets-a-free-micropatch/