Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
mskbMicrosoftKB4457426
HistorySep 11, 2018 - 7:00 a.m.

Cumulative security update for Internet Explorer: September 11, 2018

2018-09-1107:00:00
Microsoft
support.microsoft.com
19

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.148 Low

EPSS

Percentile

95.8%

JSON

Cumulative security update for Internet Explorer: September 11, 2018

Summary

This security update resolves several reported vulnerabilities in Internet Explorer. The most severe of these vulnerabilities could allow remote code execution if a user views a specially crafted webpage in Internet Explorer. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures. Additionally, see the following articles for more information about this cumulative update:

  • Windows Server 2008 SP2 update history

  • Windows 7 SP1 and Windows Server 2008 R2 SP1 update history

  • Windows Server 2012 update history

  • Windows 8.1 and Windows Server 2012 R2 update history

  • Windows 10 and Windows Server 2016 update history
    Important

  • The fixes that are included in this Security Update for Internet Explorer (KB 4457426) are also included in the September 2018 Security Monthly Quality Rollup. Installing either the Security Update for Internet Explorer or the Security Monthly Quality Rollup installs the fixes that are in this update.

  • If you use update management processes other than Windows Update and you automatically approve all security updates classifications for deployment, this Security Update for Internet Explorer (KB 4457426), the September 2018 Security Only Quality Update, and the September 2018 Security Monthly Quality Rollup are deployed. We recommend that you review your update deployment rules to make sure that the desired updates are deployed.

  • This Security Update for Internet Explorer is not applicable for installation on a computer on which the Security Monthly Quality Rollup or the Preview of Monthly Quality Rollup from September 2018 (or a later month) is already installed. This is because those updates contain all the fixes that are in this Security Update for Internet Explorer.

  • If you install a language pack after you install this update, you must reinstall this update. Therefore, we recommend that you install any language packs that you need before you install this update. For more information, see Add language packs to Windows.

How to get and install the update

Method 1: Microsoft Update

This update is available through Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically.For more information about how to get security updates automatically, see Windows Update: FAQ.Note For Windows RT and Windows RT 8.1, this update is available through Microsoft Update only.

Method 2: Microsoft Update Catalog

To get the stand-alone package for this update, go to the Microsoft Update Catalog website.

Deployment information

For deployment details for this security update, see the following article in the Microsoft Knowledge Base:Security update deployment information: September 11, 2018

More Information

__

How to get help and support for this security update

Help for installing updates: Windows Update: FAQHelp for protecting your Windows-based computer from viruses and malware: Microsoft SecureLocal support according to your country: International Support

File informationFor a list of the files that are provided in this cumulative update, download the file information for cumulative update 4457426.

File hash information

File name SHA1 hash SHA256 hash
Windows8.1-KB4457426-arm.msu 043C3F055DB9187824B4732623B1CCB292C0D818 BAD078B570F9C475D564510A1CD1AC819D5508982F38E5E42E302B0B6FFD9354
Windows8.1-KB4457426-x86.msu B2E90B932B07059E475352520EA7662D74BAEF97 448EDA9B14673F64EB29A99340FCB33868F556E526F295CD9120155BB2ADC09A
Windows8.1-KB4457426-x64.msu 5A29A493D563CED0019FDE058F1A5340AD78B0EC 58137BC6EC0DED4BC3DC1824CDFD4904F0C48BC5B0BE151733F396C8A0CD4F91
Windows8-RT-KB4457426-x64.msu DE50264E7E467874A2FDF3ADF925144D0ACF6F6E EE03CB07321551B5F8E2FAD42DA79A595B93F3C0FD7A300D8698AB2156992166
IE11-Windows6.1-KB4457426-X64.msu AF8ECEE61650207845E53234807AC7202B6FA3AA 80788607D1106821319F22F5DFEDA5FDA4A7E87AE3DA972EB28F06A7CE509C57
IE11-Windows6.1-KB4457426-X86.msu 834404348B8623C9F85F10E9B7449AA2BB62546E 9141C87DEFC6228C5B78C8C12E01CB146F0BE21D50D5D89CDA0DAFB93260296F
IE9-Windows6.0-KB4457426-X86.msu 02BAF2CDD338AE9CDE71B0E1369BF9AC23552C07 2E55C3D2C7A6A6CFDE11126F073CB8437B4FB92510881CFA8FCF845BC976538A
IE9-Windows6.0-KB4457426-X64.msu 6DED503A59F5A097F7B859EA8A1B505BCC4A0227 631800ACCE2AF1DD4CA85F5E4AE62CF3F606DA2F74FE14627F59B1FDE89E541F

Related

nessus 10
openvas 8
osv 9
checkpoint_advisories 2
prion 10
symantec 5
cve 10
veracode 2
mscve 5
github 6
kaspersky 2
zdi 1
mskb 9
qualysblog 1
krebs 1
threatpost 1
thn 1
talosblog 1
nessus
nessus
Security Updates for Internet Explorer (September 2018)
2018-09-11 00:00:00
KB4457145: Windows 7 and Windows Server 2008 R2 September 2018 Security Update
2018-09-11 00:00:00
KB4457143: Windows 8.1 and Windows Server 2012 R2 September 2018 Security Update
2018-09-11 00:00:00
openvas
openvas
Microsoft Internet Explorer Multiple Vulnerabilities (KB4457426)
2018-09-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4457144)
2018-09-12 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4457129)
2018-09-12 00:00:00
osv
osv
ChakraCore information disclosure vulnerability
2022-05-14 02:03:04
ChakraCore information disclosure vulnerability
2022-05-13 01:53:42
CVE-2018-8456
2018-09-13 00:29:05
checkpoint_advisories
checkpoint_advisories
Microsoft Internet Explorer Security Feature Bypass (CVE-2018-8470)
2018-09-11 00:00:00
Microsoft Internet Explorer Memory Corruption (CVE-2018-8447)
2018-09-11 00:00:00
prion
prion
Security feature bypass
2018-09-13 00:29:00
Information disclosure
2018-09-13 00:29:00
Information disclosure
2018-09-13 00:29:00
symantec
symantec
Microsoft Internet Explorer CVE-2018-8470 Security Bypass Vulnerability
2018-09-11 00:00:00
Microsoft Internet Explorer and Edge CVE-2018-8315 Information Disclosure Vulnerability
2018-09-11 00:00:00
Microsoft Internet Explorer CVE-2018-8447 Remote Memory Corruption Vulnerability
2018-09-11 00:00:00
cve
cve
CVE-2018-8315
2018-09-13 00:29:00
CVE-2018-8470
2018-09-13 00:29:00
CVE-2018-8452
2018-09-13 00:29:00
veracode
veracode
Information Disclosure
2018-09-14 08:12:25
Information Disclosure
2018-09-14 02:53:45
mscve
mscve
Microsoft Scripting Engine Information Disclosure Vulnerability
2018-09-11 07:00:00
Internet Explorer Security Feature Bypass Vulnerability
2018-09-11 07:00:00
Scripting Engine Information Disclosure Vulnerability
2018-09-11 07:00:00
github
github
ChakraCore information disclosure vulnerability
2022-05-14 02:03:04
ChakraCore information disclosure vulnerability
2022-05-13 01:53:42
ChakraCore RCE Vulnerability
2022-05-13 01:20:52
kaspersky
kaspersky
KLA11318 Multiple vulnerabilities in Microsoft Browsers
2018-09-11 00:00:00
KLA11890 Multiple vulnerabilities in Microsoft Products (ESU)
2018-09-11 00:00:00
zdi
zdi
Microsoft Internet Explorer Table Row NULL Pointer Dereference Remote Code Execution Vulnerability
2018-09-14 00:00:00
mskb
mskb
September 11, 2018—KB4457144 (Monthly Rollup)
2018-09-11 07:00:00
September 11, 2018—KB4457129 (Monthly Rollup)
2018-09-11 07:00:00
September 11, 2018—KB4457131 (OS Build 14393.2485)
2018-09-11 07:00:00
qualysblog
qualysblog
September 2018 Patch Tuesday – 61 Vulns, FragmentSmack, Hyper-V Escape
2018-09-11 18:34:26
krebs
krebs
Patch Tuesday, September 2018 Edition
2018-09-11 20:35:27
threatpost
threatpost
Microsoft Patches Actively Exploited Bug as Part of Patch Tuesday
2018-09-11 21:04:17
thn
thn
Microsoft Issues Software Updates for 17 Critical Vulnerabilities
2018-09-11 18:34:00
talosblog
talosblog
Microsoft Patch Tuesday - September 2018
2018-09-11 11:56:00

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

7.1 High

AI Score

Confidence

Low

7.6 High

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:H/Au:N/C:C/I:C/A:C

0.148 Low

EPSS

Percentile

95.8%

JSON
Related for KB4457426
nessus10openvas8osv9checkpoint_advisories2prion10symantec5cve10veracode2mscve5github6kaspersky2zdi1mskb9qualysblog1krebs1threatpost1thn1talosblog1