Internet Explorer, Microsoft's long-established web browser, is still being used to install malware on users' devices, experts have warned.
A Check Point Research (CPR) report described a new and rather unique campaign in which hackers distributed .URL files. These are Windows Internet shortcut files that take the user straight to a web page. The hackers managed to disguise these files to look like .PDF files and presented them to their victims as if they were a book.
When a victim runs the file, it triggers a series of prompts. If the victim clicks through them without reading (in effect accepting them), the old, outdated Internet Explorer is launched and a website is visited. This is risky in itself, as hackers can craft web pages that exploit IE vulnerabilities to distribute various malicious programs.
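For defenders, the disguise described above can be triaged by parsing the shortcut itself. The following is an added example, not code from the CPR report or from Microsoft: the function name, the three heuristics and the sample file contents are assumptions constructed for illustration.

```python
import configparser
import re

# Assumed heuristic: a document-style extension sitting in front of ".url".
DOC_EXT = re.compile(r"\.(pdf|docx?|xlsx?|epub)\.url$", re.IGNORECASE)

def triage_shortcut(filename, text):
    """Return the reasons a Windows .url shortcut deserves a closer look."""
    # .url files are INI-style; disable interpolation because URLs contain '%'.
    parser = configparser.ConfigParser(
        interpolation=None, strict=False, delimiters=("=",))
    try:
        parser.read_string(text)
    except configparser.Error:
        return ["not a parsable shortcut file"]
    section = next((s for s in parser.sections()
                    if s.lower() == "internetshortcut"), None)
    if section is None:
        return ["no [InternetShortcut] section"]
    fields = parser[section]  # option names are matched case-insensitively
    reasons = []
    if DOC_EXT.search(filename):
        reasons.append("document extension hidden before .url")
    url = fields.get("url", "").strip()
    scheme = url.partition(":")[0].lower() if ":" in url else ""
    if scheme not in ("http", "https"):
        reasons.append(f"URL scheme is {scheme or 'missing'!r}, not http/https")
    if fields.get("iconfile"):
        reasons.append("custom icon set: " + fields["iconfile"])
    return reasons

# Constructed samples (file name -> contents); not indicators from the campaign.
SAMPLES = {
    "Great_Novel.pdf.url": (
        "[InternetShortcut]\n"
        "URL=x-constructed-scheme:https://example.invalid/book\n"
        "IconFile=C:\\PlaceholderDir\\document.ico\n"
        "IconIndex=0\n"),
    "Intranet.url": "[InternetShortcut]\nURL=https://example.invalid/home\n",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        findings = triage_shortcut(name, body)
        print(name, "->", findings or "nothing flagged")
```

A flagged shortcut is a lead for review, not a verdict, since legitimate shortcuts can also carry a custom icon.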
Microsoft releases a patch
Microsoft officially replaced Internet Explorer with Microsoft Edge as the default web browser when it launched Windows 10 in late July 2015. Edge was introduced as a more modern and secure browser, built on a new engine (originally EdgeHTML, then replaced by the Chromium engine in January 2020) to provide better performance and support for web standards.
While Internet Explorer remained available for compatibility reasons, Microsoft has been encouraging users and organizations to transition to Edge. Internet Explorer 11, the final version, was officially retired, with support ending on certain versions of Windows, on June 15, 2022.
CPR reported its findings to the Microsoft Security Response Center (MSRC), which acknowledged the discovery and released a patch. The vulnerability is now known as CVE-2024-38112 and the patch was officially released on July 9. Users are advised to apply it as soon as possible, as threat actors have been abusing the flaw for over a year.