Flaw in Microsoft Edge Gives Hackers Access to Local Files

vulnerability in edge

Tech conglomerate Microsoft has reportedly patched a vulnerability in its Edge browser. The vulnerability could essentially be abused against older versions of the browser with the risk of files potentially being stolen from a users’ machine.

Exploitation of the flaw involves social engineering which reduces the likelihood of exploitation. Ziyahan Albeniz was the Netsparker researcher who discovered the vulnerability said it essentially involved the Same-Origin Policy or SOP security feature supported by all internet browsers.

SOP essentially functions by preventing attackers from being able to load malicious code using a link that doesn’t match the subdomain, port and protocol.

According to Albeniz, the SOP implementation on Microsoft Edge worked as it was intended to except for whenever its users were coerced into downloading a malicious HTML file onto their machine and then actually running that file.

The malicious code within the HTML file would essentially be loaded using the file:// protocol whenever a user would run the file, since the file was a local one, it wouldn’t require a port value and a domain.

This meant that the malicious file could actually house code that could both collect and embezzle any info it desired from the local file system that was accessible via “file://” URL.

Due to the fact that any OS file is accessible via a file:// URL within an internet browser, it allows the attacker the ability to access, collect, and ultimately steal any of the local files they want.

During the execution of Albeniz’s tests, he had the ability to steal info from local machines and then send that data to a remote server. He accomplished this by executing the malicious file within both the Edge internet browser and the Calendar and Mail application. A video of the attack was also recorded by Albeniz.

According to Albeniz, with the release of Microsoft’s June 2018 patch, the company repaired the vulnerability  (CVE-2018-0871).

Please leave any comments on this article below

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients