CVE-2017-8736

Name of the Vulnerable Software and Affected Versions Internet Explorer in Microsoft Windows versions prior to the fixed version Microsoft Edge and Internet Explorer in Windows 10 versions prior to the fixed version Microsoft Edge and Internet Explorer in Windows Server 2016 versions prior to the fixed version

Description An information disclosure issue exists in Microsoft browsers due to improper parent domain verification in certain functionality. This allows an attacker to obtain specific information used in the parent domain.

Recommendations For Internet Explorer in Microsoft Windows, update to a version that includes the fix for this issue. For Microsoft Edge and Internet Explorer in Windows 10, update to a version that includes the fix for this issue. For Microsoft Edge and Internet Explorer in Windows Server 2016, update to a version that includes the fix for this issue. As a temporary workaround, consider restricting access to sensitive information in the parent domain until a patch is available.