Google has gone public with details about a Microsoft Edge vulnerability that could allow attackers to bypass one of the browser’s security features Arbitrary Code Guard (ACG) Microsoft added support for ACG in April 2017, with the release of the Windows 10 Creators Update. ACG was the second of two new features that Microsoft said would prevent attackers from using JavaScript to load malicious code into a computer’s memory via Edge. Google engineer Ivan Fratric, a security engineer with Google’s Project Zero team, discovered a way to bypass ACG and allow an attacker to load unsigned code in memory.
Source: https://www.bleepingcomputer.com/news/security/google-discloses-microsoft-edge-security-feature-bypass/