Microsoft has recently identified a vulnerability (CVE-2019-0676) within Internet Explorer (“IE”). When IE improperly handles objects in memory, it is possible for an attacker to test for the presence of files on disk. Attackers can exploit this vulnerability by sending the user a link leading to a malicious website, and coercing them to follow the link. This vulnerability affects versions 10 or 11 of IE.
Microsoft has addressed this vulnerability with various patches as of Tuesday 2/12/2019.
For additional information, please visit: https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0676#ID0EN