Kaspersky Threats

Дата обнаружения

14/11/2017

Уровень угрозы

High

Описание

Multiple serious vulnerabilities have been found in Microsoft Edge and Internet Explorer. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions and obtain sensitive information.

Пораженные продукты

Microsoft Edge
Internet Explorer 9
Internet Explorer 10
Internet Explorer 11

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения

CVE-2017-11791
CVE-2017-11803
CVE-2017-11827
CVE-2017-11833
CVE-2017-11834
CVE-2017-11836
CVE-2017-11837
CVE-2017-11838
CVE-2017-11839
CVE-2017-11840
CVE-2017-11841
CVE-2017-11843
CVE-2017-11844
CVE-2017-11845
CVE-2017-11846
CVE-2017-11848
CVE-2017-11855
CVE-2017-11856
CVE-2017-11858
CVE-2017-11861
CVE-2017-11862
CVE-2017-11863
CVE-2017-11866
CVE-2017-11869
CVE-2017-11870
CVE-2017-11871
CVE-2017-11872
CVE-2017-11873
CVE-2017-11874

Оказываемое влияние

?

ACE

[?]

OSI

[?]

SB

[?]

Связанные продукты

Microsoft Internet Explorer
Microsoft Edge

CVE-IDS

Microsoft official advisories

Microsoft Security Update Guide

KB list

4042895
4048955
4048952
4048953
4048954
4048956
4048957
4048958
4048959
4047206

Эксплуатация

The following public exploits exists for this vulnerability:

https://www.exploit-db.com/exploits/43180

https://www.exploit-db.com/exploits/43183

https://www.exploit-db.com/exploits/43181

https://www.exploit-db.com/exploits/43371

https://www.exploit-db.com/exploits/43153

https://www.exploit-db.com/exploits/43182

https://www.exploit-db.com/exploits/43154

KLA11140Multiple vulnerabilities in Microsoft Edge and Internet Explorer

KLA11140
Multiple vulnerabilities in Microsoft Edge and Internet Explorer