vulnerability

Microsoft Windows: CVE-2016-7281: Microsoft Edge Security Feature Bypass Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
3	(AV:N/AC:H/Au:N/C:N/I:P/A:N)	Dec 20, 2016	Jun 10, 2024	May 8, 2026

Severity

CVSS

(AV:N/AC:H/Au:N/C:N/I:P/A:N)

Published

Dec 20, 2016

Added

Jun 10, 2024

Modified

May 8, 2026

Description

The Web Workers implementation in Microsoft Internet Explorer 10 and 11 and Microsoft Edge allows remote attackers to bypass the Same Origin Policy via unspecified vectors, aka "Microsoft Browser Security Feature Bypass Vulnerability."

Solutions

microsoft-windows-windows_10-1507-kb3205383microsoft-windows-windows_10-1511-kb3205386microsoft-windows-windows_10-1607-kb3206632microsoft-windows-windows_server_2016-1607-kb3206632

References

CVE-2016-7281
https://attackerkb.com/topics/CVE-2016-7281
DISA_SEVERITY-Category II
EUVD-EUVD-2016-8137
IAVM-2016-A-0343
https://euvd.enisa.europa.eu/vulnerability/EUVD-2016-8137
https://support.microsoft.com/help/3205383
https://support.microsoft.com/help/3205386
https://support.microsoft.com/help/3206632

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report