Internet Explorer, Microsoft’s long-defunct web browser, is still being used to install malware on people’s devices, experts warn.
A report from Check Point Research (CPR) outlined a new and somewhat unique campaign where hackers distributed .URL files. These are Windows Internet Shortcut files and are used to take a user directly to a web page. Hackers were able to disguise these files to look like .PDF files and present them to their victims as a book.
When victims execute the file, they trigger a series of prompts. If the victim clicks through them without reading (in effect, accepting them), the old and outdated Internet Explorer launches and visits a website. This in itself is risky, as hackers can create unique web pages that exploit vulnerabilities in IE to deploy various malware.
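The following Python triage check is an added example, not code from CPR or Microsoft. It parses the contents of an Internet Shortcut file and flags the disguise described above; the extension list, the heuristics and the sample files are assumptions constructed for illustration.

```python
import configparser
from urllib.parse import urlsplit

# Document extensions a lure may embed before the real ".url" suffix (assumed list).
DOC_EXTS = (".pdf", ".doc", ".docx", ".xls", ".xlsx", ".epub")

# Constructed sample shortcuts; hosts and paths are placeholders.
SAMPLES = {
    "Book.pdf.url": (
        "[InternetShortcut]\n"
        "URL=file://files.example.invalid/share/book\n"
        "IconFile=C:\\Windows\\System32\\shell32.dll\n"
        "IconIndex=1\n"
    ),
    "Intranet.url": "[InternetShortcut]\nURL=https://intranet.example.invalid/\n",
}


def triage_shortcut(filename, content):
    """Return a list of findings for one Internet Shortcut (.url) file."""
    findings = []
    lower = filename.lower()
    if not lower.endswith(".url"):
        return findings
    # Explorer does not display the ".url" suffix, so "Book.pdf.url"
    # appears to the user as "Book.pdf".
    if lower[:-4].endswith(DOC_EXTS):
        findings.append("name imitates a document")

    # RawConfigParser: no "%" interpolation, which URLs would otherwise break.
    parser = configparser.RawConfigParser(strict=False)
    try:
        parser.read_string(content)
    except configparser.Error:
        return findings + ["unparseable shortcut body"]
    if not parser.has_section("InternetShortcut"):
        return findings + ["no [InternetShortcut] section"]

    url = parser.get("InternetShortcut", "url", fallback="")
    scheme = urlsplit(url).scheme.lower()
    if scheme not in ("http", "https"):
        findings.append(f"unusual URL scheme: {scheme or 'none'}")
    if parser.has_option("InternetShortcut", "iconfile"):
        findings.append("custom icon set")
    return findings


if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, "->", triage_shortcut(name, body) or "no findings")
```

A finding is a reason to inspect the file, not a verdict: legitimate shortcuts can also carry a custom icon.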
Microsoft releases a patch
Microsoft officially replaced Internet Explorer with Microsoft Edge as the default web browser when it released Windows 10 in late July 2015. Edge was introduced as a more modern and secure browser, built on a new engine (originally called EdgeHTML and later switched to the Chromium engine in January 2020) to provide better performance and compatibility with web standards.
While Internet Explorer remains available for compatibility reasons, Microsoft encourages users and organizations to move to Edge. Internet Explorer 11, the final version, has been officially retired, with support ending for certain versions of Windows on June 15, 2022.
CPR reported their findings to the Microsoft Security Response Center (MSRC), which acknowledged the discovery and issued a patch. The vulnerability is now tracked as CVE-2024-38112 and the patch was officially released on July 9. Users are advised to apply it as soon as possible, as threat actors have been exploiting the flaw for over a year.