The latest Internet Explorer XXE zero-day depends on you opening an infected MHT file. MHT is an old file format that’s almost always opened by IE — no matter which browser you’re using, no matter which version of Windows. Catalin Cimpanu has a good overview of this XXE vulnerability on ZDNet.
It’s a doozy of a security hole as it affects every recent version of IE, and it infects whether you’re actively browsing with IE or not.
To read this article in full, please click here