Multiple vulnerabilities in Microsoft Browser

Description

Multiple vulnerabilities were found in Microsoft Browser. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Skype for Business via Microsoft Edge (EdgeHTML-based) can be exploited remotely via specially crafted to obtain sensitive information.
2. An information disclosure vulnerability in Skype for Business via Internet Explorer can be exploited remotely via specially crafted to obtain sensitive information.
3. An information disclosure vulnerability in Microsoft Edge PDF can be exploited remotely via specially crafted to obtain sensitive information.
4. A remote code execution vulnerability in VBScript can be exploited remotely via specially crafted website to execute arbitrary code.

Original advisories

• CVE-2020-1462

• CVE-2020-1432
• CVE-2020-1433
• CVE-2020-1403

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Internet-Explorer
• Microsoft-Edge

CVE list

• CVE-2020-1462
  warning
• CVE-2020-1432
  warning
• CVE-2020-1433
  warning
• CVE-2020-1403
  critical

KB list

• 4565541
• 4565524
• 4558998
• 4565489
• 4565479
• 4565483
• 4565508
• 4565511
• 4565513
• 4565537
• 4565503

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com