KLA11500
Multiple vulnerabilities in Microsoft Browsers
Обновлено: 23/07/2019
Дата обнаружения
11/06/2019
Уровень угрозы
Critical
Описание

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

  1. An information disclosure vulnerability in Microsoft Browser can be exploited remotely via specially crafted content to obtain sensitive information.
  2. A memory corruption vulnerability in Chakra Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  3. A security feature bypass vulnerability in Microsoft Edge can be exploited remotely via specially crafted to bypass security restrictions.
  4. An information disclosure vulnerability in Scripting Engine can be exploited remotely via specially crafted content to obtain sensitive information.
  5. A memory corruption vulnerability in Microsoft Browser can be exploited remotely via specially crafted website to execute arbitrary code.
  6. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
Пораженные продукты

Internet Explorer 11
Microsoft Edge
Internet Explorer 10
Internet Explorer 9
ChakraCore

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2019-1081
CVE-2019-1051
CVE-2019-1054
CVE-2019-0993
CVE-2019-1024
CVE-2019-0989
CVE-2019-0990
CVE-2019-1038
CVE-2019-1002
CVE-2019-1005
CVE-2019-1055
CVE-2019-0991
CVE-2019-1023
CVE-2019-1080
CVE-2019-0992
CVE-2019-1003
CVE-2019-0988
CVE-2019-1052
CVE-2019-0920
Оказываемое влияние
?
ACE 
[?]

OSI 
[?]

SB 
[?]
Связанные продукты
Microsoft Internet Explorer
Microsoft Edge
CVE-IDS
CVE-2019-10814.3Warning
CVE-2019-10514.2Warning
CVE-2019-10545.0Critical
CVE-2019-09934.2Warning
CVE-2019-10244.2Warning
CVE-2019-09894.2Warning
CVE-2019-09906.5High
CVE-2019-10387.5Critical
CVE-2019-10024.2Warning
CVE-2019-10057.5Critical
CVE-2019-10557.5Critical
CVE-2019-09914.2Warning
CVE-2019-10236.5High
CVE-2019-10807.5Critical
CVE-2019-09924.2Warning
CVE-2019-10034.2Warning
CVE-2019-09887.5Critical
CVE-2019-10524.2Warning
CVE-2019-09207.5Critical
Microsoft official advisories
Microsoft Security Update Guide
KB list

4503293
4503327
4503286
4503284
4503287
4503285
4503276
4503292
4503267
4503291
4503279
4503273
4503259