CVE-2017-11889

Name of the Vulnerable Software and Affected Versions: Microsoft Edge (affected versions not specified) ChakraCore (affected versions not specified)

Description: The issue is related to the incorrect handling of objects in memory by the scripting engine in Microsoft Edge and the ChakraCore JavaScript engine. This could allow a remote attacker to corrupt memory and execute arbitrary code using a specially crafted web page. If the current user has administrative rights, a successful exploitation could lead to the attacker gaining control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations: For Microsoft Edge, update to a version that includes the fix for this issue. For ChakraCore, apply the necessary patches or updates to resolve the vulnerability. As a temporary workaround, consider restricting access to potentially vulnerable web pages or disabling JavaScript execution in Microsoft Edge until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.