Google's Project Zero reveals another Microsoft flaw

Edge, IE can find themselves running unexpected code if cooked by a malicious site

By Richard Chirgwin


Google's Project Zero has revealed a bug in Microsoft's Internet Explorer and Edge browsers.

First turned up on November 25, the bug offers evildoers a technique that would let a malicious web site crash a visitor's browser as the main course, with code execution as the dessert.

Detailed in Project Zero's post, the bug works by exploiting a type confusion in HandleColumnBreak.

A 17-line proof-of-concept crashes that process, with a focus on two registers, rcx and rax.

“An attacker can affect rax by modifying table properties such as border-spacing and the width of the first th element,” Project Zero's post states – so the crafted Web page just needs to point rax to memory the attacker controls.

The issue was published at the end of Project Zero's 90-day disclosure deadline, and it remains unpatched.

Earlier this month, Redmond delayed February's Patch Tuesday, but last week it managed to emit a bunch of fixes for Adobe Flash. ®
