Unpatched Microsoft Edge and IE Bug, (Sat, Feb 25th)

Microsoft Edge and Internet Explorer can be exploited by a type confusion in HandleColumnBreakOnColumnSpanningElement. A POC was released here.

[1] https://bugs.chromium.org/p/project-zero/issues/detail?id=1011#c2


Guy Bruneau IPSS Inc.

Twitter: GuyBruneau

gbruneau at isc dot sans dot edu

Source: SANS Internet Storm Center, InfoCON: green @ February 24, 2017 at 08:45PM