KLA12019
Multiple vulnerabilities in Microsoft Browsers

Updated: 12/16/2020

Detect date ?	12/08/2020
Severity ?	Critical
Description	Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: A spoofing vulnerability in Microsoft Edge for Android can be exploited remotely to spoof user interface. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely to execute arbitrary code.
Affected products	ChakraCore Microsoft Edge (EdgeHTML-based) Microsoft Edge for Android
Solution	Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Original advisories	CVE-2020-17153 CVE-2020-17131
Impacts ?	ACE [?] SUI [?]
Related products	Microsoft Edge ChakraCore
CVE-IDS ?	CVE-2020-171535.8High CVE-2020-171315.1High
KB list	4592449 4592440 4592438
Microsoft official advisories	Microsoft Security Update Guide
	Find out the statistics of the vulnerabilities spreading in your region

KLA12019Multiple vulnerabilities in Microsoft Browsers