• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Advanced

Not what you are looking for? Ask the experts!

Kudos1 Stats

Internet Explorer .mht file exploit workaround

Folks!! No matter what browser you use to surf, the internet, will call up Internet Explorer on your systems ( if Windows based ) as IE is the default application for that file type. IE will open those files even if you are using Edge as an example and that file type is called for. There is a great article by Woody Leonhard here about what the exploit is all about. He also offers a workaround to mitigate the issue down to a level where opening these file types would be given low priority.

Also noted is a recommended company named 0patch, which in the article is stated to come highly recommended for micro-patching windows vulnerabilities. I won't link to their site for the same reasons as Woody chose not to, but a Google search will give you the results you need to find them. I have their .msi installer package downloaded and will test it at a later time.

Cheers

"From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.529 / N360 Deluxe 22.17.1.50 / Norton Core v.282 on Android 1.98

Replies

Kudos2 Stats

Re: Internet Explorer .mht file exploit workaround

Note:  A little more information here first.  This only affects Windows 10 machines as it concerns Edge browser, so if you're using other Operating Systems you shouldn't be too concerned.

I have recently started using 0Patch free version on my Win10 x64 1809 machines and can recommend it.  It uses around 7 MB of RAM so will not slow your machine down.  As @SoulAsylum has mentioned, 0Patch has patched this vulnerability and is currently patching any program that runs urlmon.dll on my machines.

The Pro version may be worth considering for Windows 7 machines when they reach EOL after January 2020.

I'm not sure why SA didn't post a link, but out of respect and in case I'm missing something I won't either.

A little bit of knowledge is... well a little bit of knowledge.
Kudos1 Stats

Re: Internet Explorer .mht file exploit workaround

Thanks for the follow-up. I also would like to add an additional note as well. Having installed the 0patch agent it also shows as having patched the urlmon.dll library for Outlook as well. Screenshot provided.

Cheers

"From DOS to Windows10 what a journey it has been" / MS Certified Professional / Windows 10 Professional x 64 version 1809 / build 17763.529 / N360 Deluxe 22.17.1.50 / Norton Core v.282 on Android 1.98
Kudos1 Stats

Re: Internet Explorer .mht file exploit workaround

You'll find the more programs you use the more programs get patched.

Cheers.

PS:  I left a message for you elsewhere.

A little bit of knowledge is... well a little bit of knowledge.
Kudos0

Re: Internet Explorer .mht file exploit workaround

IE will never dIE! (insert creepy laugh) ;-)