Lingering Risks: Retired Internet Explorer Still Causing Windows Vulnerabilities
Aashiya Mittal
Technical Content Writer @ OnGraph Technologies Limited | BA in Web Content Creation
Despite Internet Explorer no longer being in use, its remaining components continue to cause problems.
Recently, a second zero-day vulnerability was discovered, highlighting how attackers can still exploit old software to launch attacks. The flaw went undetected for months, allowing cybercriminals to take advantage of outdated systems.
Know how it happened.
1. What Was the Issue?
The vulnerability, CVE-2024-43461, is a high-severity flaw in the MSHTML platform, a core part of Internet Explorer. Even though the browser is retired, MSHTML is still used by some applications. The flaw allowed attackers to trick users into running harmful code by disguising dangerous files as safe ones. Advanced Persistent Threat (APT) groups, like Void Banshee, used the flaw to redirect users to malicious websites, where harmful files downloaded silently, leading to malware infections.
2. How Did They Encounter It?
Microsoft first learned about the vulnerability after it had already been exploited in the wild as early as July 2024. As reported by Trend Micro’s Zero Day Initiative (ZDI), attackers were able to hide file extensions, making dangerous files look harmless, and tricking users into opening them.
3. Impact
The impact of this vulnerability was significant. The attackers used the flaw to distribute the Atlantida stealer, a malware designed to steal sensitive data from compromised systems, causing-
领英推荐
The vulnerability also highlighted the ongoing risks posed by legacy software that remains integrated into modern systems, emphasizing the need for vigilance and timely security updates, even for software that appears obsolete.
4. Actions Taken by Microsoft
Microsoft quickly addressed the issue by releasing a fix in its September 2024 Patch Tuesday update. This came after an earlier fix in July 2024 for a related flaw, CVE-2024-38112, which was part of the same attack chain. Microsoft advised users to install both updates to fully close the security loophole. These patches stopped attackers from exploiting the vulnerability and executing harmful code.
Final Thoughts
This vulnerability highlights the importance of keeping systems regularly updated, even for software that is no longer in use. As long as old components like MSHTML remain part of Windows, they can still be targeted by attackers, making regular security updates a must to stay protected.
It time to-
Know your system, Find loopholes, be Proactive, and Create a strong defense system.