1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Microsoft Edge RCE CVE 2016 7201

Web Attack: Microsoft Edge RCE CVE 2016 7201

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.

Additional Information

Microsoft Edge is a web browser available for Windows.

Microsoft Edge is prone to a remote memory-corruption vulnerability. Specifically, this issue occurs because the Chakra JavaScript engines fail to properly handle objects in memory during the rendering process.

Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted web page. This could allow the attacker to execute arbitrary code in the context of the currently logged-in user. Failed attacks will cause denial of service conditions.

Affected

  • Multiple version of Edge browser.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube