The specific browser components affected are MSHTML and EdgeHTML, which the underlying Windows operating system relies on and can use, even when Internet Explorer itself is not in active use on the system. CVE-2022-24502 affects all the Windows versions including the Windows Server 2019. This vulnerability is also marked as “Exploitation More Likely,” meaning that this is an important patch for all Windows users to apply.
Microsoft Internet Explorer could allow a remote attacker to bypass security restrictions.
By persuading a victim to open specially crafted content, an attacker could exploit this vulnerability to bypass security features to cause impact on confidentiality.
By turning this into a traffic file and matching rule, we are able to detect unauthenticated attempts to bypass security.
Idappcom has created signature 8022503 along with a corresponding traffic file.
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional