KLA11084
Multiple vulnerabilities in Microsoft Edge and Microsoft Internet Explorer
Updated: 07/05/2018
CVSS: 7.6
Detect date: 08/08/2017
Severity: Critical

Description

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Microsoft Edge. Malicious users can exploit these vulnerabilities to gain privileges, bypass security restrictions, execute arbitrary code and obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. Incorrect handling of sandboxing in Microsoft Edge can be exploited locally to gain privileges;
  2. Improper validation of UMCI (User Mode Code Integrity) policies can be exploited locally by convincing a user to visit a specially designed website and run a malicious application to bypass security restrictions;
  3. Multiple vulnerabilities related to improper handling of objects in memory in JavaScript engines can be exploited remotely via a specially designed website, a Microsoft Office document that hosts the browser rendering engine, or an embedded ActiveX control marked “safe for initialization” in an application to execute arbitrary code;
  4. An ACG (Arbitrary Code Guard) bypass vulnerability related to improper handling of memory access in code compiled by the Microsoft Edge JIT (Just-In-Time) compiler can be exploited remotely via a specially designed website to bypass security restrictions;
  5. Improper validation and sanitization of JavaScript parameters in Microsoft Edge can be exploited remotely by convincing a user to click a specially designed link hosted on a malicious website to gain privileges;
  6. Multiple vulnerabilities related to incorrect handling of objects in memory in certain functions in Microsoft Edge can be exploited remotely by convincing a user to view a specially designed website to obtain sensitive information;
  7. Improper enforcement of cross-domain policies in Microsoft Edge can be exploited remotely by convincing a user to load a specially designed page or visit a malicious website to bypass security restrictions;
  8. Incorrect handling of objects in memory in Microsoft Internet Explorer can be exploited remotely by convincing a user to view a specially designed website to execute arbitrary code;
  9. Multiple vulnerabilities related to improper handling of objects in memory can be exploited remotely by convincing a user to view a specially designed website to execute arbitrary code;
  10. Incorrect handling of objects in memory in certain functions in the Chakra scripting engine can be exploited remotely by convincing a user to view a specially designed website to obtain sensitive information;
  11. Incorrect handling of objects in memory in Microsoft scripting engines in Microsoft Edge can be exploited remotely via a specially designed website, a Microsoft Office document that hosts the browser rendering engine, or an embedded ActiveX control marked “safe for initialization” in an application to execute arbitrary code;
  12. Improper validation of strings in affected scenarios can be exploited remotely via a specially designed website to obtain sensitive information;
  13. Multiple vulnerabilities related to improper handling of objects in memory in Microsoft Edge can be exploited remotely by convincing a user to view a specially designed website to execute arbitrary code;
  14. Improper handling of objects in memory in the Chakra JavaScript scripting engine can be exploited remotely to execute arbitrary code.

Technical details

To exploit vulnerabilities (9) and (13), an attacker can send a URL pointing to the malicious website via email or instant message.

Exploitation of vulnerability (12) allows attackers to obtain sensitive data from memory and possibly bypass ASLR (Address Space Layout Randomization).

Affected products

Microsoft Edge
Microsoft Internet Explorer versions 9 through 11

Solution

Install the necessary updates from the KB section that are listed in your Windows Update (Windows Update can usually be accessed from the Control Panel).

Original advisories

CVE-2017-8503
CVE-2017-8625
CVE-2017-8634
CVE-2017-8635
CVE-2017-8636
CVE-2017-8637
CVE-2017-8638
CVE-2017-8639
CVE-2017-8640
CVE-2017-8641
CVE-2017-8642
CVE-2017-8644
CVE-2017-8645
CVE-2017-8646
CVE-2017-8647
CVE-2017-8650
CVE-2017-8651
CVE-2017-8652
CVE-2017-8653
CVE-2017-8655
CVE-2017-8656
CVE-2017-8657
CVE-2017-8659
CVE-2017-8661
CVE-2017-8662
CVE-2017-8669
CVE-2017-8670
CVE-2017-8671
CVE-2017-8672
CVE-2017-8674

Impacts

ACE, OSI, SB, PE

Related products
Microsoft Internet Explorer
Microsoft Edge
KB list

4034681
4034674
4034733
4034665
4034664
4034660
4034658
4034668
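
To verify the Solution step on a host, the following PowerShell (an added example, not part of the original advisory) compares the KB numbers listed above with the hotfixes the local system reports through `Get-HotFix`. The function name `Get-AdvisoryKbStatus` is hypothetical. It assumes that only some of the listed KBs apply to any one Windows version and that a later cumulative update can supersede them, so a missing entry is a prompt to check Windows Update history rather than proof that the host is unpatched.

```powershell
# KB numbers copied from the "KB list" section of this advisory.
$advisoryKbs = '4034681', '4034674', '4034733', '4034665',
               '4034664', '4034660', '4034658', '4034668'

# Hypothetical helper: reports, for each advisory KB, whether the host lists it as installed.
function Get-AdvisoryKbStatus {
    param(
        [string[]]$KbNumbers,
        # Installed hotfix IDs; defaults to what Get-HotFix reports for the local machine.
        [string[]]$InstalledIds = (Get-HotFix | Select-Object -ExpandProperty HotFixID)
    )

    foreach ($kb in $KbNumbers) {
        $id = "KB$kb"
        [pscustomobject]@{
            HotFixID  = $id
            # -contains is case-insensitive, so 'kb4034681' would also match.
            Installed = $InstalledIds -contains $id
        }
    }
}

$status = Get-AdvisoryKbStatus -KbNumbers $advisoryKbs
$status | Format-Table -AutoSize

# Assumption: a later cumulative update may have replaced these KBs,
# so treat "none found" as a reason to review update history, not as a verdict.
if (-not ($status | Where-Object Installed)) {
    Write-Warning 'None of the advisory KBs are recorded on this host; review Windows Update history for a superseding update.'
}
```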