Microsoft Browser CVE-2016-3391 Information Disclosure Vulnerability
Description
An information disclosure vulnerability exists when affected Microsoft browsers leave credential data in memory. An attacker who successfully exploited this vulnerability could harvest credentials from a memory dump of the browser process. An attacker would need access to a dump of memory from the affected system. The security update addresses the vulnerability by changing the way that Microsoft browsers store credentials in memory.
Affected Applications
Internet Explorer 9
Microsoft Edge
Internet Explorer 11
Internet Explorer 10