Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA11935
Multiple vulnerabilities in Microsoft Browsers

Обновлено: 15/02/2021
Дата обнаружения
 11/08/2020
Уровень угрозы
 Critical
Описание

Multiple vulnerabilities were found in Microsoft Browsers. Malicious users can exploit these vulnerabilities to execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A memory corruption vulnerability in Microsoft Edge can be exploited remotely via specially crafted website to execute arbitrary code.
  2. A remote code execution vulnerability in Microsoft Edge PDF can be exploited remotely via specially crafted to execute arbitrary code.
  3. A memory corruption vulnerability in Scripting Engine can be exploited remotely via specially crafted website to execute arbitrary code.
  4. A remote code execution vulnerability in MSHTML Engine can be exploited remotely via specially crafted file to execute arbitrary code.
Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Пораженные продукты

Microsoft Edge (EdgeHTML-based)
Internet Explorer 9
Internet Explorer 11
ChakraCore
Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)
Первичный источник обнаружения
 CVE-2020-1569
CVE-2020-1568
CVE-2020-1570
CVE-2020-1567
CVE-2020-1380
CVE-2020-1555
Оказываемое влияние
?
ACE 
[?]
Связанные продукты
 Microsoft Internet Explorer
Microsoft Edge
ChakraCore
CVE-IDS
CVE-2020-15707.6Critical
CVE-2020-15677.6Critical
CVE-2020-15697.6Critical
CVE-2020-15687.6Critical
CVE-2020-13807.6Critical
CVE-2020-15559.3Critical
KB list

4571692
4571694
4571729
4571687
4571709
4566782
4571703
4565349
4571736
4571741
4565351
Microsoft official advisories
 Microsoft Security Update Guide
© 2021 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up