PoC Available for Microsoft Edge Zero-Day RCE, Exploit Under Development

[silversurfer]

Vulnerability exploited using malicious crafted web pages

Exploit developer Yushi Liang announced in a tweet that he discovered a zero-day remote code execution vulnerability in the Microsoft Edge web browser, with a Proof of Concept  (PoC) already available and an exploit in the works.

The zero-day Edge RCE vulnerability discovered by Liang could allow for arbitrary code execution once exploited by a potential attacker which, depending on the privilege level of the logged in account, could install programs on the compromised machine, create admin accounts, as well as exfiltrate and modify data.

Source: https://news.softpedia.com/news/poc-avai...3621.shtml