Microsoft Ignores Flaws in Edge and IE Browsers

[straycat19]

Google's Project Zero has revealed a bug in Microsoft's Internet Explorer and Edge browsers.

 

First turned up on November 25, the bug offers evildoers a technique that would let a malicious web site crash a visitor's browser as the main course, with code execution as the dessert.

 

Detailed here (https://bugs.chromium.org/p/project-zero/issues/detail?id=1011), the bug works by attacking a type confusion in HandleColumnBreak 
 OnColumnSpanningElement.

 

A 17-line proof-of-concept crashes that process, with a focus on two variables rcx and rax.

 

“An attacker can affect rax by modifying table properties such as border-spacing and the width of the first th element,” Project Zero's post states – so the crafted Web page just needs to point rax to memory they control.

 

The issue was published at the end of Project Zero's 90-day disclosure deadline, and it remains unpatched.

 

Earlier this month, Redmond delayed February's Patch Tuesday, but last week it managed to emit a bunch of fixes for Adobe Flash. ®
 

Source

[Recruit]

This isn't quite a software update !