KLA10720
Multiple vulnerabilities in Microsoft Internet Explorer & Edge

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer & Edge. Malicious users can exploit these vulnerabilities to spoof user interface, bypass security restrictions, inject or execute arbitrary code, gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

1. Improper memory objects access can be exploited remotely via a specially designed web content to execute arbitrary code;
2. Lack of content type enforcement can be exploited remotely via a specially designed web content to gain privileges;
3. Lack of Address Space Layout Randomization enforcement can be exploited remotely via a specially designed web content to bypass security feature;
4. Improper HTTP responses parsing can be exploited remotely via a specially designed URL to spoof user interface;
5. Improper permissions validation can be exploited remotely via a specially designed web content to gain privileges;
6. Improper HTML disabling can be exploited remotely via a specially designed web content to inject arbitrary code;
7. Improper memory handling at VBScript can be exploited remotely via a specially designed web content to obtain sensitive information or execute arbitrary code.

Technical details

There some technical notes for vulnerability (3) you can read in MS15-124 listed in original advisories section.

Microsoft Internet Explorer versions 7 through 11
Microsoft Edge

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)