This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Internet Explorer Zero-Day 4/12/19 - Data Theft

According to ZDNet, there is a Zero-Day flaw in IE that can be exploited if a malicious actor tricks a user into opening a malicious MHT file which will allow the external actor to steal data from the host. Even after the flaw was reported to Microsoft, they chose not to patch it. Looks like a PoC was released by the researcher on 4/12. I guess since Microsoft knows about it but declined to fix it, it's maybe a One-Day.

Anyway, is this activity something that Sophos Endpoint or Hitman Pro would be able to catch?

https://www.zdnet.com/article/internet-explorer-zero-day-lets-hackers-steal-files-from-windows-pcs/



This thread was automatically locked due to age.
  • EDIT :: sorry, didnt notices its for Endpoint.

    you can block MHT file type in your web policy , download for mht files doesnt work then but as a side effect the access to many sites over http will be blocked too.

     

    i ve tried to block MHT attachements in the E-Mail policy but didnt work for me now. I also opened a discussion for that problem.