Login   |   Secure Purdue > News

Vulnerability in MHTML Could Allow Information Disclosure

Microsoft is reporting that there is a vulnerability in all supported versions of Windows that could allow for information disclosure on a users system. Malicious scripts inserted into MHTML pages could allow an attacker to access information on a users system or take actions on a website on behalf of the targeted user.

Users are advised to impliment a number of workarounds until a fix has been provided. For workaround steps and more information about this vulnerability, please see https://www.microsoft.com/technet/security/advisory/2501696.mspx

Posted by Anthony Paladino on January 31, 2011, in Handlers Log.