Microsoft MHTML flaw targeted by hackers

Summary: A zero-day vulnerability first highlighted by Microsoft in January is now being exploited by hackers in targeted attacks, the company has warned.

Microsoft has warned that hackers are targeting a zero-day flaw that affects all Windows operating systems.

The flaw, which was first highlighted by Microsoft in an advisory in January, allows an attacker to inject a client-side script into the response to a request made by Internet Explorer. The script could allow a hacker to compromise the user — by performing actions online that appear to have originated from the user; by stealing information from the user; or by otherwise trying to fool them.

The company updated its January security advisory on Friday, saying that it had seen attacks in the wild.

"Microsoft is aware of published information and proof-of-concept code that attempts to exploit this vulnerability," said the company. "In addition, at this time, Microsoft is aware of public proof-of-concept code being used in limited, targeted attacks."

MHTML, or Mime HTML, is a standard that allows web objects such as images to be combined with HTML into a single file. The vulnerability lies in how MHTML interprets Multipurpose Internet Mail Extensions (Mime) for content blocks in a document.

Microsoft has not yet issued a patch for the issue. Workarounds include disabling MHTML, for which Microsoft has provided a 'Fix It' script. However, this will affect all applications that use MHTML. IT professionals could also disable ActiveX, but this would affect many banking and e-commerce sites that use ActiveX to provide online services.



Topic: Security

About

Tom is a technology reporter for ZDNet.com. He covers the security beat, writing about everything from hacking and cybercrime to threats and mitigation. He also focuses on open source and emerging technologies, all the while trying to cut through greenwash.
