Описание
Microsoft Browser Information Disclosure Vulnerability
An information disclosure vulnerability exists when affected Microsoft browsers leave credential data in memory. An attacker who successfully exploited this vulnerability could harvest credentials from a memory dump of the browser process. An attacker would need access to a dump of memory from the affected system.
The security update addresses the vulnerability by changing the way that Microsoft browsers store credentials in memory.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Internet Explorer 10 on Windows Server 2012 | ||
| Internet Explorer 11 on Windows 8.1 for 32-bit systems | ||
| Internet Explorer 11 on Windows 8.1 for x64-based systems | ||
| Internet Explorer 11 on Windows Server 2012 R2 | ||
| Internet Explorer 11 on Windows RT 8.1 | - | |
| Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1 | ||
| Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1 | ||
| Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1 | ||
| Internet Explorer 11 on Windows 10 for 32-bit Systems | ||
| Internet Explorer 11 on Windows 10 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
EPSS
Связанные уязвимости
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."
Microsoft Internet Explorer 10 and 11 and Microsoft Edge allow context-dependent attackers to discover credentials by leveraging access to a memory dump, aka "Microsoft Browser Information Disclosure Vulnerability."
Уязвимость браузеров Microsoft Edge и Internet Explorer, позволяющая нарушителю раскрыть учетные записи
EPSS