vulnerability

Microsoft Windows: CVE-2017-0066: Microsoft Edge Security Feature Bypass Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:H/Au:N/C:P/I:P/A:N)	Mar 14, 2017	Mar 14, 2017	Sep 3, 2025

Severity

CVSS

(AV:N/AC:H/Au:N/C:P/I:P/A:N)

Published

Mar 14, 2017

Added

Mar 14, 2017

Modified

Sep 3, 2025

Description

Microsoft Edge allows remote attackers to bypass the Same Origin Policy for HTML elements in other browser windows, aka "Microsoft Edge Security Feature Bypass Vulnerability." This vulnerability is different from those described in CVE-2017-0135 and CVE-2017-0140.

Solutions

microsoft-windows-windows_10-1507-kb4012606microsoft-windows-windows_10-1511-kb4013198microsoft-windows-windows_10-1607-kb4013429

References

BID-96655
CVE-2017-0066
https://attackerkb.com/topics/CVE-2017-0066
https://support.microsoft.com/help/4012606
https://support.microsoft.com/help/4013198
https://support.microsoft.com/help/4013429

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report