Skip to main content

Google And Microsoft Working Together On MHTML Flaw

Google is working closely with rival Microsoft to fix a vulnerability in Microsoft's Internet Explorer which is being exploited by hackers to attack some unnamed activists and also other users.

The search engine giant said in a blog post that it had noticed “highly targeted and apparently politically motivated attacks” against some of its users, especially certain activists.

The attacks, according to Google, exploit a publicly disclosed MHTML vulnerability for which Microsoft has released a temporary patch.

“We’re working with Microsoft to develop a comprehensive solution for this issue,” Google said but also added that in the meantime, users running Internet Explorer web browser on Windows should deploy a temporary fixit patch that has been released by Microsoft.

Google also said that it had deployed some temporary fixes of its own to make it harder for hackers to exploit the vulnerability.

“To help protect users of our services, we have deployed various server-side defenses to make the MHTML vulnerability harder to exploit. That said, these are not tenable long-term solutions, and we can’t guarantee them to be 100% reliable or comprehensive,” the company explained.

The vulnerability exists in the manner in which Internet Explorer renders MHTML files or files that have multiple file formats coupled with HTML files.