2820 matches found
CVE-2017-11889
Technical details for CVE-2017-11889 are not provided in the supplied documents. Please monitor official advisories and vendor advisories for updates, patches, and exact impact guidance once publicly disclosed.
CVE-2017-11916
Technical details for CVE-2017-11916 are not publicly available in the provided documents; monitor for updates.
CVE-2017-11893
CVE-2017-11893 corresponds to a ChakraCore/Edge memory-corruption vulnerability affecting ChakraCore and Microsoft Edge on Windows 10 versions 1511–1709 and Windows Server 2016. The root cause is improper handling of in-memory scripting engine objects, enabling an attacker to execute arbitrary co...
CVE-2017-11930
CVE-2017-11930 affects ChakraCore and related Windows components (Internet Explorer). The core issue is a memory-handling flaw in the scripting engine that can lead to arbitrary code execution in the context of the current user. Descriptions in connected advisories frame this as a “Scripting Engi...
CVE-2017-11912
CVE-2017-11912 is a ChakraCore scripting engine memory corruption vulnerability affecting ChakraCore, IE/Edge on Windows platforms listed in the Initial document. Connected sources describe remote code execution risk due to memory object handling, enabling an attacker to run code in the context o...
CVE-2017-11911
Technical details about CVE-2017-11911 are not publicly available in the provided documents. Connected sources reference other CVEs (e.g., CVE-2017-11930) and do not expose affected product/version or remediation for this CVE.
CVE-2017-11914
CVE-2017-11914 concerns a memory handling issue in the ChakraCore scripting engine used by ChakraCore and Microsoft Edge on Windows 10 (versions 1511, 1607, 1703, 1709) and Windows Server 2016. The root cause is described as how the scripting engine handles objects in memory, leading to a memory ...
CVE-2017-11914
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to gain the same user rights as the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique...
CVE-2017-11918
CVE-2017-11918 is described as a ChakraCore/Edge memory-corruption issue in the scripting engine that could allow an attacker to execute code with the current user’s rights. Connected advisories cite ChakraCore-related RCE vulnerabilities affecting Windows 10 variants and Windows Server 2016, att...
CVE-2017-11889
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". Thi...
CVE-2017-11919
CVE-2017-11919 affects ChakraCore and Internet Explorer in multiple Windows versions (Windows 7 SP1, Server 2008 R2 SP1, 8.1/RT 8.1, 2012 R2, 10 (various builds), and Edge). Root cause: vulnerability in the scripting engine due to how it handles objects in memory, leading to information disclosur...
December Patch Tuesday: Quiet End to the Year
This December Patch Tuesday is considerably lighter than last month’s patch releases. While only three of the fixes were for Windows operating systems, the majority of the vulnerabilities to pay attention to are Browser/Scripting Engine-based. Overall, this month's updates address are fixes for 3...
Microsoft December Patch Tuesday Update Fixes Six Critical Bugs
Microsoft patched 34 vulnerabilities that are part of its December Patch Tuesday release. A total of 20 vulnerabilities were rated critical and another 12 were rated important. Impacted are Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office, SharePoint and Exchange. Notable...
December 12, 2017—KB4053581 (OS Build 10240.17709)
December 12, 2017—KB4053581 OS Build 10240.17709 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where users of SQL Server Reporting Services may not be able to use the...
December 12, 2017—KB4053580 (OS Build 15063.786)
December 12, 2017—KB4053580 OS Build 15063.786 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge...
December 12, 2017—KB4053579 (OS Build 14393.1944)
December 12, 2017—KB4053579 OS Build 14393.1944 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses issue where users of SQL Server Reporting Services may not be able to use the...
December 12, 2017—KB4054517 (OS Build 16299.125)
December 12, 2017—KB4054517 OS Build 16299.125 Improvements and fixes This update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Updates Internet Explorer’s default visibility for the button that launches Microsoft Edge...
December 12, 2017—KB4054523 (Security-only update)
December 12, 2017—KB4054523 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses additional issues with updated time zone information. Security updates t...
December 12, 2017—KB4054522 (Security-only update)
December 12, 2017—KB4054522 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses additional issues with updated time zone information. Security updates t...
December 12, 2017—KB4054521 (Security-only update)
December 12, 2017—KB4054521 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses additional issues with updated time zone information. Security updates t...