I have a question about edgehtml.dll (QID: 91521)
Edge is not installed on win servers but the engine is present (edgehtml.dll)
This generates sev 4 vulnerabilities.
I suppose the engine is there for a reason but the vulnerabilities speak about opening a website....
A security feature bypass vulnerability exists when Microsoft Edge could allow a remote
attacker to bypass security restrictions, caused by improper handling of flash objects by the
Click2Play protection. By persuading a victim to visit a specially-crafted website, an attacker
could exploit this vulnerability to bypass the security feature. [CVE-2019-0612]
Can it be handled as a false positive? Anyone has more info about this one?