Credit to Author: Woody Leonhard| Date: Thu, 18 Apr 2019 09:57:00 -0700
The latest Internet Explorer XXE zero-day depends on you opening an infected MHT file. MHT is an old file format that’s almost always opened by IE — no matter which browser you’re using, no matter which version of Windows. Catalin Cimpanu has a good overview of this XXE vulnerability on ZDNet.
It’s a doozy of a security hole as it affects every recent version of IE, and it infects whether you’re actively browsing with IE or not.