KLA11771
Multiple vulnerabilities in Microsoft Internet Explorer and Edge

Multiple vulnerabilities were found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in MSHTML Engine can be exploited remotely via specially crafted file to execute arbitrary code.
2. A memory corruption vulnerability in Scripting Engine can be exploited remotely to execute arbitrary code.
3. A memory corruption vulnerability in Internet Explorer can be exploited remotely via specially crafted website to execute arbitrary code.
4. An elevation of privilege vulnerability in Microsoft Edge can be exploited remotely via specially crafted content to gain privileges.
5. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.
6. A remote code execution vulnerability in Microsoft Edge PDF can be exploited remotely via specially crafted to execute arbitrary code.
7. A spoofing vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to spoof user interface.
8. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Internet Explorer 11
ChakraCore
Microsoft Edge (EdgeHTML-based)
Internet Explorer 9

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2020-1064
CVE-2020-1065
CVE-2020-1062
CVE-2020-1056
CVE-2020-1060
CVE-2020-1096
CVE-2020-1059
CVE-2020-1058
CVE-2020-1093
CVE-2020-1092
CVE-2020-1035
CVE-2020-1037

4556799
4556846
4556798
4556840
4556826
4556813
4556812
4551853
4556836
4556807