CVE-2017-8592

Name of the Vulnerable Software and Affected Versions Microsoft browsers on Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016

Description A security feature bypass issue exists due to improper handling of redirect requests by Microsoft browsers. This allows the browsers to bypass CORS redirect restrictions and follow redirect requests that should otherwise be ignored. An attacker who successfully exploits this could force the browser to send data to a destination web site of their choice.

Recommendations For Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1, Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, update to a newer version that includes the fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.