A new vulnerability has been discovered within Microsoft's legacy web browser, Internet Explorer, that can allow attackers and unwanted parties to record a user's browsing habits.
According to a recent blog post by Michael Caballero, a web security expert, the bug occurs when a page is loaded with the malicious HTML object tag in combination with the compatibility mode meta tag.
Caballero has made it possible for anyone to test out the bug, which obviously will only work when ran through Internet Explorer.
While Internet Explorer has already been discontinued by Microsoft in favor of Edge, only available on Windows 10, the security expert points out that the issue is still of great concern. This is because the legacy browser still has a larger user base compared to the latter. "In my opinion, Microsoft is trying to get rid of IE without saying it. It would be easier, more honest to simply tell users that their older browser is not being serviced like Edge," Caballero wrote on his Broken Browser blog. "I firmly believe that IE should be treated like Edge in terms of security, otherwise get rid of it completely."
Almost a year ago, the security expert also revealed an exploit within Microsoft Edge, which could have allowed tech support scammers to take advantage of Microsoft's SmartScreen technology for their own gain.