A remote code execution vulnerability exists because Windows Shell improperly handles URIs. Upon successful exploitation an attacker can achieve remote code execution via the Microsoft Edge browser. CVE-2018-8495 has been assigned to track this vulnerability. An attacker can leverage the vulnerability by abusing URI schemes and VBS script in Windows that can run with user-defined … Continue reading “Microsoft Edge Remote Code Execution Vulnerability”