A remote code execution vulnerability exists in some versions of Internet Explorer. An attacker who is able to convince a user to visit a malicious or compromised website may be able to execute code on the affected system, with the same permissions as the user.
The vulnerability affects IE 9 on Windows Server 2008, IE 10 on Windows Server 2012, and IE 11 on all other supported versions of Windows.
Recent assessments:
wvu-r7 at January 24, 2020 12:34am UTC reported:
An Edge vuln might be more valuable, but plenty of people still use IE. Last I heard, there was no known PoC. Perhaps only Google and Qihoo 360 have seen these “attacks in the wild.”
Assessed Attacker Value: 0
Assessed Attacker Value: 0Assessed Attacker Value: 0