Microsoft Edge Cumulative Security Update
Last Update Date:
13 Apr 2016 11:59
Release Date:
13 Apr 2016
3634
Views
RISK: High Risk
TYPE: Clients - Browsers
- Multiple Microsoft Edge Memory Corruption Vulnerabilities
Multiple remote code execution vulnerabilities exist when Microsoft Edge improperly accesses objects in memory. The vulnerabilities could corrupt memory that enables an attacker to execute arbitrary code in the context of the current user. - Microsoft Edge Elevation of Privilege
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain. In a web-based attack scenario, an attacker could host a website in an attempt to exploit the vulnerability. - Microsoft Edge Elevation of Privilege Vulnerability
An elevation of privilege vulnerability exists when Microsoft Edge does not properly validate JavaScript under specific conditions, potentially allowing a script to be run with elevated privileges. In a web-based attack scenario, an attacker could host a website in an attempt to exploit this vulnerability.
Impact
- Elevation of Privilege
- Remote Code Execution
System / Technologies affected
- Edge
Solutions
Before installation of the software, please visit the software manufacturer web-site for more details.
- Download location for patches:
https://technet.microsoft.com/en-us/library/security/MS16-038
Vulnerability Identifier
Source
Related Link
Share with