<< Back
CVE Number Vulnerability Product Severity Date
CVE-2017-8592 Microsoft Browser Security Feature Bypass Microsoft Edge Critical 12-07-2017

Technical Information

Brief overview of the risk:
A security feature bypass vulnerability exists when Microsoft Browsers improperly handle redirect requests. This vulnerability allows Microsoft Browsers to bypass CORS redirect restrictions and to follow redirect requests that should otherwise be ignored.

Detailed Information on the risk:

In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements.

Further information on this exploit is available at : CVE-2017-8592

Microsoft Edge
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9

Affected Software

Microsoft Edge
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9