Researchers discover new zero-day vulnerability in EDGE browser
New zero-day vulnerability details about Microsoft Edge may be coming soon, as researchers have released preliminary proof-of-concept videos.
The vulnerability is a sandbox escape vulnerability, and therefore the severity is relatively high, at least the researchers have not yet submitted the vulnerability to Microsoft for verification.
https://twitter.com/Yux1xi/status/1058168985991163906
The sandbox escape vulnerability of the Edge browser is a scent:
Sandbox escaping is a security issue that is of great concern to all major browsers today. Microsoft also attaches great importance to the sandbox escape problem of the Edge browser.
These levels of zero-day vulnerabilities typically earn tens of thousands of dollars in bonuses, and countless brokers want to buy such weaknesses in the underground black market.
Although the researchers have not yet released specific details of the vulnerability, a hilarious vulnerability video was released to add exciting researchers.
In the demo video, researchers used the vulnerability of the Microsoft Edge browser to invoke Firefox and automatically load the main browser download page of Google Chrome. Currently, this vulnerability researcher has not yet submitted it to Microsoft, but even if the vulnerability is submitted to Microsoft for verification, it should not be able to keep up with the November Patch Tuesday.
Via: bleepingcomputer