Дата обнаружения
|
10/05/2016 |
Уровень угрозы
|
High |
Описание
|
Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions or obtain sensitive information. Below is a complete list of vulnerabilities
Technical details Vulnerability (2) related to User Mode Code Integrity component of Device Guard which allows running unsigned malicious code as though it were signed by a trusted source. To mitigate vulnerability (3) user can restrict access to the VBScript and JScript engines. For further instructions take a look at MS16-051 listed in original advisories section. |
Пораженные продукты
|
Microsoft Internet Explorer versions 9 through 11 |
Решение
|
Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel) |
Первичный источник обнаружения
|
CVE-2016-0189 CVE-2016-0187 CVE-2016-0194 CVE-2016-0193 CVE-2016-0192 CVE-2016-0191 CVE-2016-0188 CVE-2016-0186 |
Оказываемое влияние
?
|
ACE
[?]
OSI
[?]
SB
[?]
|
Связанные продукты
|
Microsoft Internet Explorer Microsoft Edge |
CVE-IDS
|
CVE-2016-01897.6Critical
CVE-2016-01877.6Critical CVE-2016-01942.6Warning CVE-2016-01937.6Critical CVE-2016-01927.6Critical CVE-2016-01917.6Critical CVE-2016-01889.3Critical CVE-2016-01867.6Critical |