Microsoft Edge Denial Of Service Execute Code Overflow Memory corruption Vulnerability
5 Aug. 2016
This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user. Customers whose accounts are configured to have fewer user rights on the system could be less impacted than users with administrative user rights.
This security update is rated Critical for Microsoft Edge on Windows 10. For more information, see the Affected Software section.
The update addresses the vulnerabilities by:
Correcting how the Edge Content Security Policy (CSP) validates documents
Modifying how Windows parses .pdf files