Microsoft Edge Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Microsoft Edge does not properly validate JavaScript under specific conditions, potentially allowing a script to be run with elevated privileges. In a web-based attack scenario, an attacker could host a website in an attempt to exploit this vulnerability.

In addition, compromised websites and websites that accept or host user-provided content could contain specially crafted content that could exploit the vulnerability. However, in all cases, an attacker would have no way to force users to view the attacker-controlled content. Instead, an attacker would have to convince users to take action. For example, an attacker could trick users into clicking a link that takes them to the attacker’s site. An attacker who successfully exploited the vulnerability could elevate privileges in affected versions of Microsoft Edge. An attacker could then leverage these privileges with another vulnerability to run arbitrary code with medium-integrity-level privileges (permissions of the current user).

This vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with another vulnerability (e.g., a remote code execution vulnerability) that could take advantage of the elevated privileges when running arbitrary code. For example, an attacker could exploit another vulnerability to run arbitrary code through Microsoft Edge, but because of the context in which processes are launched by Internet Explorer, the code might be restricted to run at a low-integrity level (very limited permissions).

However, an attacker could, in turn, exploit this vulnerability to cause the arbitrary code to run at a medium-integrity level (permissions of the current user).

The update addresses the vulnerability by adding additional permission validations to Microsoft Edge.