Skip to main content

Google reveals Edge bug that Microsoft has had trouble fixing

posted onFebruary 21, 2018
by l33tdawg
Credit:

Google has again decided to disclose a flaw in Microsoft software before the latter company could deliver a fix. Indeed, Microsoft has struggled to fix this problem.

Detailed here on Google's Project Zero bug-tracker, the flaw impacts the just-in-time compiler that Microsoft's Edge browser uses to execute JavaScript and makes it possible to predict the memory space it is about to use. Once an attacker knows about that memory, they could pop their own code in there and have all sorts of naughty fun as Edge executes instructions of their choice rather than JavaScript in the web page the browser was rendering.

News of the flaw was posted to Project Zero on November 17th, 2017, with the usual warning that "This bug is subject to a 90 day disclosure deadline. After 90 days elapse or a patch has been made broadly available, the bug report will become visible to the public."

Source

Tags

Industry News Security

You May Also Like

Recent News

Friday, November 29th

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th