Microsoft Browser Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when affected Microsoft browsers fail to properly secure private namespace. An attacker who successfully exploited this vulnerability could gain elevated permissions on the namespace directory of a vulnerable system and gain elevated privileges.

The vulnerability by itself does not allow arbitrary code to be run. However, this vulnerability could be used in conjunction with one or more other vulnerabilities (e.g. a remote code execution vulnerability and another elevation of privilege) that could take advantage of the elevated privileges when running.

The update addresses the vulnerability by correcting how Microsoft browsers handle namespace boundaries.