|
|
|
|
|
|
by snag
1660 days ago
|
|
|
> We discovered a drive-by code execution vulnerability on Windows 10 via IE11/Edge Legacy and MS Teams, triggered by an argument injection in the Windows 10/11 default handler for ms-officecmd: URI > Exploitation through other browsers requires the victim to accept an inconspicuous confirmation dialog. No confirmation needed with Windows 10 and IE11 or Edge Legacy |
|
|