PT-2017-18437 · Microsoft · Windows Server 2012 R2+8

Published: 2017-07-11 · Updated: 2017-07-14 · CVE-2017-8602

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions

Microsoft browsers on Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016

Description

A spoofing issue exists due to improper parsing of HTTP content by affected Microsoft browsers. This could allow an attacker to trick a user into visiting a specially crafted website, potentially leading to content spoofing or serving as a pivot for chaining attacks with other web service vulnerabilities. The user must click a specially crafted URL for the exploit to be successful.

Recommendations

To resolve the issue, update Microsoft browsers to a version that properly parses HTTP content. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE

Weakness Enumeration

Related Identifiers

CVE-2017-8602

Affected Products

Edge
Internet Explorer
Windows 7
Windows 10
Windows 8.1
Windows RT 8.1
Windows Server 2008 R2
Windows Server 2012 R2
Windows Server 2016