Multiple serious vulnerabilities have been found in Microsoft Internet Explorer and Edge. Malicious users can exploit these vulnerabilities to bypass security restrictions, obtain sensitive information and execute arbitrary code.

Below is a complete list of vulnerabilities:

1. Improper objects handling vulnerabilities can be exploited remotely via specially crafted website to obtain sensitive information;
2. An improper requests handling vulnerability can be exploited remotely via specially crafted website to bypass security restrictions;
3. Memory corruption vulnerabilities in the scripting engine can be exploited remotely via specially crafted website to execute arbitrary code.

Technical details

Vulnerabilities (1) and (2) affects only Microsoft Edge

Microsoft Internet Explorer 9
Microsoft Internet Explorer 10
Microsoft Internet Explorer 11
Microsoft Edge

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

CVE-2018-0866
CVE-2018-0861
CVE-2018-0860
CVE-2018-0859
CVE-2018-0857
CVE-2018-0856
CVE-2018-0840
CVE-2018-0839
CVE-2018-0838
CVE-2018-0837
CVE-2018-0836
CVE-2018-0835
CVE-2018-0834
CVE-2018-0771
CVE-2018-0763

CVE-2018-0763
CVE-2018-0771
CVE-2018-0834
CVE-2018-0835
CVE-2018-0836
CVE-2018-0837
CVE-2018-0838
CVE-2018-0839
CVE-2018-0840
CVE-2018-0856
CVE-2018-0857
CVE-2018-0859
CVE-2018-0860
CVE-2018-0861
CVE-2018-0866

4074592
4074588
4074590
4074591
4074596
4074598
4074736
4074594
4074593
4088776