Today Microsoft Security Response Centre issued an advisor 2501696 for the publically disclosed vulnerability in MHTML (MIME encapsulation of aggregate HTML) protocol handler which is used by certain applications to render certain kinds of documents. A hacker can use this exploit to execute and XSS attack from a specially crafted webpage through Internet explorer. All versions of Windows Operating systems are affected by this vulnerability.

As the vulnerability is found in component associated with Internet Explorer only, if your are using Mozilla Firefox or Chrome web browsers you are on the safe side.Microsoft has advised user to apply lock or disable MHTML protocol  till a patch is made available as the exploit details are available online. To lock down the vulnerable MHTML protocol  follow this link.

LEAVE A REPLY

Please enter your comment!
Please enter your name here