Endpoint Vulnerability

Microsoft Browser Information Disclosure Vulnerability


An information disclosure vulnerability exists when the Microsoft browser XSS filter is abused to leak sensitive page information. An attacker who successfully exploited the vulnerability could obtain sensitive information from certain web pages. To exploit the vulnerability, an attacker would have to log on to an affected system and run a specially crafted application. The update addresses the vulnerability by changing how the XSS filter handles RegEx.

Affected Products

Internet Explorer 9,Microsoft Edge,Internet Explorer 11,Internet Explorer 10