![[The AI Show Episode 147]: OpenAI Abandons For-Profit Plan, AI College Cheating Epidemic, Apple Says AI Will Replace Search Engines & HubSpot’s AI-First Scorecard](https://www.marketingaiinstitute.com/hubfs/ep%20147%20cover.png)
.jpeg?width=1920&height=1920&fit=bounds&quality=70&format=jpg&auto=webp#)
![Apple Working on Brain-Controlled iPhone With Synchron [Report]](https://www.iclarified.com/images/news/97312/97312/97312-640.jpg)
Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network
Microsoft has disclosed a critical memory corruption vulnerability in its Scripting Engine (CVE-2025-30397), which allows unauthorized attackers to execute code remotely over a network. The flaw, classified as “Important” and tracked under CWE-843 (Type Confusion), was released as part of the company’s May 2025 Patch Tuesday security updates. The vulnerability arises from the Scripting Engine’s […] The post Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network appeared first on Cyber Security News.
Microsoft has disclosed a critical memory corruption vulnerability in its Scripting Engine (CVE-2025-30397), which allows unauthorized attackers to execute code remotely over a network.
The flaw, classified as “Important” and tracked under CWE-843 (Type Confusion), was released as part of the company’s May 2025 Patch Tuesday security updates.
The vulnerability arises from the Scripting Engine’s improper access of resources using incompatible types, leading to a type confusion scenario.
This memory corruption issue can be exploited when a user interacts with a specially crafted URL, specifically while using Microsoft Edge in Internet Explorer Mode. Despite the high attack complexity, successful exploitation could result in complete system compromise, impacting the confidentiality, integrity, and availability of affected Windows systems.
Exploitability and Impact
To exploit CVE-2025-30397, an attacker must entice a user to click on a specially crafted URL. Once the user interacts with the link in Edge’s Internet Explorer Mode, the attacker can trigger the vulnerability, enabling remote code execution on the victim’s system.
This means that even systems not directly running Internet Explorer remain at risk due to the underlying MSHTML platform, which is still active in many Windows environments.
While the vulnerability was not publicly disclosed prior to the patch, Microsoft and independent security researchers have confirmed that it has been exploited in the wild. Exploitation has been detected, though it requires multiple conditions to be met, including user interaction and a specific browser configuration.
CVE-2025-30397 is one of the most severe vulnerabilities addressed in the May 2025 Patch Tuesday, which fixed a total of 72 flaws, including five zero-days and 28 remote code execution vulnerabilities.
The Scripting Engine vulnerability stands out due to its potential to allow attackers to fully compromise targeted systems remotely.
Mitigations
Microsoft has released patches addressing this vulnerability for all supported versions of Windows. Users and administrators are strongly urged to apply the latest security updates immediately to mitigate the risk of exploitation.
Organizations should also review browser configurations and consider disabling Internet Explorer Mode where possible to reduce exposure.
The discovery and exploitation of CVE-2025-30397 underscore the ongoing risks posed by legacy components within modern software environments. Prompt patching and user awareness remain critical defenses against sophisticated network-based attacks leveraging such vulnerabilities.
Vulnerability Attack Simulation on How Hackers Rapidly Probe Websites for Entry Points – Free Webinar
The post Microsoft Scripting Engine 0-Day Vulnerability Enables Remote Code Execution Over Network appeared first on Cyber Security News.
