KLA10789
Multiple vulnerabilities in Microsoft Internet Explorer and Edge
Обновлено: 17/06/2019
Дата обнаружения
12/04/2016
Уровень угрозы
Critical
Описание

Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitraty code, gain privileges or obtain sensitive information.

Below is a complete list of vulnerabilities

  1. An improper memory objects access can be exploited remotely via a specially designed content to execute arbitrary code;
  2. An improper input validation before loading libraries can be exploited by logged in attacker via a specially designed application to gain privileges;
  3. An improper JavaScript handling can be exploited remotely to obtain sensitive information or gain privileges;
  4. Lack of cross-domain policies enforcement can be exploited remotely via a specially designed content to gain privileges.
Пораженные продукты

Microsoft Internet Explorer versions 9 through 11
Microsoft Edge

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2016-0154
CVE-2016-0155
CVE-2016-0156
CVE-2016-0157
CVE-2016-0158
CVE-2016-0159
CVE-2016-0160
CVE-2016-0161
CVE-2016-0162
CVE-2016-0164
CVE-2016-0166
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

PE 
[?]
Связанные продукты
Microsoft Internet Explorer
Microsoft Edge
CVE-IDS
CVE-2016-01547.6Critical
CVE-2016-01557.6Critical
CVE-2016-01567.6Critical
CVE-2016-01577.6Critical
CVE-2016-01584.3Warning
CVE-2016-01597.6Critical
CVE-2016-01607.2High
CVE-2016-01614.3Warning
CVE-2016-01624.3Warning
CVE-2016-01647.6Critical
CVE-2016-01667.6Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

3147461
3147458
3148198
4015549
4015550
4015221
4014661
4015551
4015219