An information disclosure vulnerability exists in Microsoft browsers due to improper parent domain verification in certain functionality. An attacker who successfully exploited the vulnerability could obtain specific information that is used in the parent domain. To exploit the vulnerability, an attacker must have access to host malicious content on a website this is on a subdomain of the parent domain, and then convince a user to visit the site. The security update addresses the vulnerability by helping to ensure that Microsoft browsers restrict access to certain functionality between the subdomain and the parent domain.