Jérôme Segura

**Name of the Vulnerable Software and Affected Versions** Microsoft Internet Explorer versions 9 through 11 Microsoft Edge **Description** The issue allows remote attackers to obtain sensitive information via a crafted web site. This is due to the way the affected components handle objects in memory, which can be exploited by an attacker to further compromise a target system. Research indicates that this type of vulnerability is among those exploited by ransomware operators, highlighting its potential impact. **Recommendations** For Microsoft Internet Explorer versions 9 through 11, consider disabling the handling of objects in memory as a temporary workaround until a patch is available. For Microsoft Edge, restrict access to sensitive information to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.