Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information or gain privileges.

Below is a complete list of vulnerabilities

1. An improper memory objects handling can be exploited remotely via a specially designed content to execute arbitrary code;
2. An improper memory objects handling at Chakra JavaScript engine can be exploited remotely via a specially designed content to execute arbitrary code;
3. An improper memory objects handling can be exploited remotely via a specially designed content to obtain sensitive information;
4. Lack of credential data storage restrictions can be exploited locally via harvesting memory dump to obtain sensitive information;
5. Lack of private namespace security restrictions can be exploited remotely to gain privileges;
6. An improper validation can be exploited remotely via a specially designed content to bypass security restrictions.

Microsoft Internet Explorer versions 9 through 11
Microsoft Edge

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2016-3331
CVE-2016-3298
CVE-2016-3267
CVE-2016-3392
CVE-2016-3391
CVE-2016-3390
CVE-2016-3389
CVE-2016-3388
CVE-2016-3387
CVE-2016-3386
CVE-2016-3385
CVE-2016-3384
CVE-2016-3383
CVE-2016-3382

3192441
3194798
3192440
3185331
3185330
3185332
3192393
3192392
3192391

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/40606

https://www.exploit-db.com/exploits/40607