Jonathan Downing

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (affected versions not specified) **Description** A remote code execution issue exists due to improper memory object access in Microsoft Edge, potentially allowing an attacker to execute arbitrary code in the context of the current user. This could lead to an attacker gaining the same user rights as the current user. If the current user has administrative rights, the attacker could take control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Edge (affected versions not specified) **Description** An information disclosure issue exists due to Microsoft Edge's improper handling of objects in memory. This could allow a remote attacker to gain unauthorized access to protected information, potentially obtaining details to further compromise the user's system. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Windows Media Foundation versions (affected versions not specified) Windows 7 Windows Server 2012 R2 Windows RT 8.1 Windows Server 2012 Windows 8.1 Windows Server 2016 Windows Server 2008 R2 Windows 10 Windows 10 Servers **Description** A memory corruption issue exists due to improper handling of objects in memory by Windows Media Foundation. This can be exploited by remote attackers to execute arbitrary code using a specially crafted file or web page. **Recommendations** For Windows 7, update to a newer version to mitigate the risk. For Windows Server 2012 R2, apply configuration changes to restrict access to vulnerable components. For Windows RT 8.1, disable the use of specially crafted files until a patch is available. For Windows Server 2012, restrict access to the Media Foundation component to minimize the risk of exploitation. For Windows 8.1, avoid using vulnerable API endpoints until the issue is resolved. For Windows Server 2016, consider disabling the Media Foundation component temporarily as a workaround. For Windows Server 2008 R2, update to a newer version to mitigate the risk. For Windows 10, apply configuration changes to restrict access to vulnerable components. For Windows 10 Servers, restrict access to the Media Foundation component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.