| CVE Number | Vulnerability | Product | Severity | Date |
|---|---|---|---|---|
| CVE-2017-8592 | Microsoft Browser Security Feature Bypass | Microsoft Edge | Critical | 12-07-2017 |
Technical Information
Brief overview of the risk:
A security feature bypass vulnerability exists when Microsoft Browsers improperly handle redirect requests. This vulnerability allows Microsoft Browsers to bypass CORS redirect restrictions and to follow redirect requests that should otherwise be ignored.
Detailed Information on the risk:
In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements.
Microsoft EdgeFurther information on this exploit is available at : CVE-2017-8592
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9
Affected Software
Microsoft EdgeMicrosoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Internet Explorer 9