I think the key here prob. is the attack vector - MSRC prob. think “double-clicking on a non-MOTW local mht file” isn’t a valid vector, as there maybe bigger/known problems if you open non-MOTW mht file locally with IE.https://twitter.com/wdormann/status/1116691419673047042 …
-
-
Yeah, the MoTW doesn't matter. ZoneID=3 means "internet zone" And perhaps not-surprisingly, IE will open web pages from the internet zone without prompting.pic.twitter.com/J5heQgZzhX
-
Okay, that's weird.. I just got a test (didn't actually test yesterday). The weird thing is that I found that on Windows 10 the MoTW is a NOT vector (same as ur test), but on Windows 7 it is - if MoTW, then only the datatears.xml will be downloaded but no system.ini leaking.
- 6 more replies
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.