It has been nearly a week since security researcher John Page reported that he had found an Internet Explorer XML eXternal Entity (XXE) vulnerability. A new layer of this vulnerability has been recently discovered and the implications are far more serious. A Microsoft Edge feature may threaten Internet Explorer’s security.
The vulnerability is a XML eXternal Entity or XXE attack. The attack occurs when an XML parser processes an XML input that includes a reference to an external entity. This type of attack could lead to the unwanted disclosure of sensitive information and a slew of other issues. In Page’s demonstration, he opened a malicious MHL file with a file manager. Internet Explorer automatically uploaded several files to a remote server.
Page also noticed a peculiarity. When he downloaded and opened the file through Internet Explorer, information was not sent to the remote server. However, when Page downloaded the file through Microsoft Edge and opened it through Internet Explorer, the exploit worked as it was intended. This vulnerability was also tested by Mitja Kolsek the CEO of ACROS Security, and they reached the same conclusion.