KLA11500
Multiple vulnerabilities in Microsoft Browsers
Updated: 07/23/2019
Detect date
?
06/11/2019
Severity
?
Critical
Description

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
  2. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  3. A security feature bypass vulnerability in Microsoft Edge can be exploited remotely via specially crafted to bypass security restrictions.
  4. An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
  5. A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
  6. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
Affected products

Internet Explorer 11
Microsoft Edge
Internet Explorer 10
Internet Explorer 9
ChakraCore

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2019-1081
CVE-2019-1051
CVE-2019-1054
CVE-2019-0993
CVE-2019-1024
CVE-2019-0989
CVE-2019-0990
CVE-2019-1038
CVE-2019-1002
CVE-2019-1005
CVE-2019-1055
CVE-2019-0991
CVE-2019-1023
CVE-2019-1080
CVE-2019-0992
CVE-2019-1003
CVE-2019-0988
CVE-2019-1052
CVE-2019-0920

Impacts
?
ACE 
[?]

OSI 
[?]

SB 
[?]
Related products
Microsoft Internet Explorer
Microsoft Edge
CVE-IDS
?
CVE-2019-10814.3Warning
CVE-2019-10514.2Warning
CVE-2019-10545.0Critical
CVE-2019-09934.2Warning
CVE-2019-10244.2Warning
CVE-2019-09894.2Warning
CVE-2019-09906.5High
CVE-2019-10387.5Critical
CVE-2019-10024.2Warning
CVE-2019-10057.5Critical
CVE-2019-10557.5Critical
CVE-2019-09914.2Warning
CVE-2019-10236.5High
CVE-2019-10807.5Critical
CVE-2019-09924.2Warning
CVE-2019-10034.2Warning
CVE-2019-09887.5Critical
CVE-2019-10524.2Warning
CVE-2019-09207.5Critical
KB list

4503293
4503327
4503286
4503284
4503287
4503285
4503276
4503292
4503267
4503291
4503279
4503273
4503259

Microsoft official advisories
Microsoft Security Update Guide