Application Details
The specific browser components affected are MSHTML and EdgeHTML, which the underlying Windows operating system relies on and can use, even when Internet Explorer itself is not in active use on the system. CVE-2022-24502 affects all the Windows versions including the Windows Server 2019. This vulnerability is also marked as “Exploitation More Likely,” meaning that this is an important patch for all Windows users to apply.
Vulnerability
Microsoft Internet Explorer could allow a remote attacker to bypass security restrictions.
Identification
By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to bypass security features to cause impact on confidentiality.
Detection
By turning this into a traffic file and matching rule, we are able to detect unauthenticated attempts to bypass security.
Coverage
Idappcom has created signature 8022503 along with a corresponding traffic file.
References
Microsoft (CVE-2022-24502)
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional
Comments