PT-2020-1389 · Microsoft · Internet Explorer

Name of the Vulnerable Software and Affected Versions: Internet Explorer versions 9 through 11 Description: A remote code execution issue exists due to incorrect handling of objects in memory by the scripting engine in Internet Explorer. This could allow an attacker to execute arbitrary code in t...

Microsoft Internet Explorer Scripting Engine memory corruption vulnerability

Overview The Microsoft Internet Explorer Scripting Engine contains a memory corruption vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code. Description Microsoft Internet Explorer contains a scripting engine, which handles execution of scripting languages...

Microsoft Windows Multiple Vulnerabilities (KB4534310)

This host is missing a critical security update according to Microsoft KB4534310 Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

January 14, 2020—KB4534303 (Monthly Rollup)

January 14, 2020—KB4534303 Monthly Rollup IMPORTANT Verify that you have installed the required updates listed in the How to get this update section before installing this update. IMPORTANT Customers who have purchased the Extended Security Update ESU for on-premises versions of some operating...

January 14, 2020—KB4534306 (OS Build 10240.18453)

January 14, 2020—KB4534306 OS Build 10240.18453 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights Updates to improve security when storing and managing files. Updates to impro...

January 14, 2020—KB4534293 (OS Build 17134.1246)

January 14, 2020—KB4534293 OS Build 17134.1246 Windows 10, version 1803 the April 2018 Update Home and Pro editions have reached end of service. For Windows 10 devices that are at, or within several months of reaching end of service, Windows Update will automatically initiate a feature update wit...

January 14, 2020—KB4534283 (Monthly Rollup)

January 14, 2020—KB4534283 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4525242 released November 19, 2019 and addresses the following issues: Security updates to the Microsoft Scripting Engine, Windows Input and...

January 14, 2020—KB4534297 (Monthly Rollup)

January 14, 2020—KB4534297 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4525252 released November 19, 2019 and addresses the following issues: Addresses an issue to support new SameSitecookie policies by default for releas...

December 10, 2019—KB4530681 (OS Build 10240.18427)

December 10, 2019—KB4530681 OS Build 10240.18427 For more information about the various types of Windows updates, such as critical, security, driver, service packs, and so on, please see the following article. Highlights Updates to improve security when Windows performs basic operations. Updates ...

December 10, 2019—KB4530715 (OS Build 17763.914)

December 10, 2019—KB4530715 OS Build 17763.914 Note This release also contains updates for Microsoft HoloLens OS Build 17763.914 released December 10, 2019. Microsoft will release an update directly to the Windows Update Client to improve Windows Update reliability on Microsoft HoloLens that have...

December 10, 2019—KB4530702 (Monthly Rollup)

December 10, 2019—KB4530702 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4525252released November 19, 2019 and addresses the following issues: Security updates to Windows Virtualization, Windows Kernel, Windows Peripherals...

December 10, 2019—KB4530691 (Monthly Rollup)

December 10, 2019—KB4530691 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4525242released November 19, 2019 and addresses the following issues: Security updates to Windows Input and Composition, Windows Virtualization,...

Remote Code Execution

Microsoft.ChakraCore is vulnerable to remote code execution. This is due to the way the ChakraCore scripting engine handles objects in memory which could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. This CVE ID is different from...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2019-42802)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A scripting engine memory corruption vulnerability exists in Microsoft Edge based on EdgeHTML. The vulnerability stems from a problem in the way the scripting engine handles objects in...

Microsoft Edge Scripting Engine Memory Corruption Vulnerability (CNVD-2019-42800)

Microsoft Edge is a web browser from the American company Microsoft that comes with systems after Windows 10. A scripting engine memory corruption vulnerability exists in Microsoft Edge based on EdgeHTML. The vulnerability stems from a problem in the way the scripting engine handles objects in...

Microsoft Windows Multiple Vulnerabilities (KB4525237)

This host is missing a critical security update according to Microsoft KB4525237 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

Microsoft Windows Multiple Vulnerabilities (KB4525232)

This host is missing a critical security update according to Microsoft KB4525232 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

November 2019 Patch Tuesday – 74 vulns, 13 Critical, Actively Attacked IE vuln, Hyper-V escapes, Adobe

This month’s Microsoft Patch Tuesday addresses 74 vulnerabilities with 13 of them labeled as Critical. Of the 13 Critical vulns, 5 are for browsers and scripting engines. Out of the 8 remaining Critical vulns, 4 are potential hypervisor escapes in Hyper-V, as well as vulnerabilities in Microsoft...

CVE-2019-1427

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1426, CVE-2019-1428, CVE-2019-1429...

CVE-2019-1426

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge HTML-based, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1427, CVE-2019-1428, CVE-2019-1429...