A security feature bypass vulnerability exists in Edge that allows for bypassing Mark of the Web Tagging (MOTW). Failing to set the MOTW means that a large number of Microsoft security technologies are bypassed. In a web-based attack scenario, an attacker could host a malicious website that is designed to exploit the security feature bypass. Alternatively, in an email or instant message attack scenario, the attacker could send the targeted user a specially crafted .url file that is designed to exploit the bypass. Additionally, compromised websites or websites that accept or host user-provided content could contain specially crafted content to exploit the security feature bypass. However, in all cases an attacker would have no way to force a user to view attacker-controlled content. Instead, an attacker would have to convince a user to take action. For example, an attacker could entice a user to either click a link that directs the user to the attacker's site or send a malicious attachment. The security update addresses the security feature bypass by correcting how Edge handles MOTW tagging.

• https://msrc.microsoft.com/update-guide/vulnerability/CVE-2019-1054
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1054

• Microsoft » Edge » Version: N/A
  cpe:2.3:a:microsoft:edge:-
• Microsoft » Windows 10 » Version: 1607
  cpe:2.3:o:microsoft:windows_10:1607
• Microsoft » Windows 10 » Version: 1703
  cpe:2.3:o:microsoft:windows_10:1703
• Microsoft » Windows 10 » Version: 1709
  cpe:2.3:o:microsoft:windows_10:1709
• Microsoft » Windows 10 » Version: 1803
  cpe:2.3:o:microsoft:windows_10:1803
• Microsoft » Windows 10 » Version: 1809
  cpe:2.3:o:microsoft:windows_10:1809
• Microsoft » Windows 10 » Version: 1903
  cpe:2.3:o:microsoft:windows_10:1903
• Microsoft » Windows Server 2016 » Version: N/A
  cpe:2.3:o:microsoft:windows_server_2016:-
• Microsoft » Windows Server 2019 » Version: N/A
  cpe:2.3:o:microsoft:windows_server_2019:-