KLA10697
Multiple vulnerabilities in Microsoft Internet Explorer

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code or obtain sensitive information.

Below is a complete list of vulnerabilities

1. Improper memory objects access can be exploited remotely via a specially designed web content to execute arbitrary code
2. Improper memory handling at VBScript and JScript engines can be exploited remotely via a specially designed web content or ActiveX control to execute arbitrary code;
3. Improper memory content disclosure can be exploited remotely via a specially designed web content to obtain sensitive information;
4. Improper Address Space Layout Randomization can be exploited remotely via a specially designed web content to bypass security restrictions.

Technical details

To mitigate vulnerability (2) access to VBScript.dll and JScript.dll can be restricted. For further details look at original advisory.

Microsoft Internet Explorer versions from 7 through 11

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

3105211
3105213
3104517
3100773

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/39698