MSHTML only checks for the CLSID associated with VBScript when blocking in the Internet Zone, but doesn't check other VBScript CLSIDs which allow a web page to bypass the security zone policy.
View the full article
The Microsoft Windows MSHTML Engine is prone to a vulnerability that allows attackers to execute arbitrary code on vulnerable systems because of improper validation of specially crafted web documents (html, xhtml, etc).
View the full article
We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.