An information disclosure vulnerability exists when Internet Explorer improperly handles objects in memory.An attacker who successfully exploited this vulnerability could test for the presence of files on disk, aka 'Internet Explorer Information Disclosure Vulnerability'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft internet explorer 10 |
||
microsoft internet explorer 11 |
This month the vendor has patched 74 vulnerabilities, 20 of which are rated Critical.
Posted: 13 Feb, 201922 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – February 2019This month the vendor has patched 74 vulnerabilities, 20 of which are rated Critical.As always, customers are advised to follow these security best practices: Install vendor patches as soon as they are available. Run all software with the least privileges required while still maintaining functionality. Avoid hand...
In May 2020, Kaspersky technologies prevented an attack on a South Korean company by a malicious script for Internet Explorer. Closer analysis revealed that the attack used a previously unknown full chain that consisted of two zero-day exploits: a remote code execution exploit for Internet Explorer and an elevation of privilege exploit for Windows. Unlike a previous full chain that we discovered, used in Operation WizardOpium, the new full chain targeted the latest builds of Windows 10, and our ...
Hefty load from Microsoft, Adobe, with special guest star Cisco Everyone screams patch ASAP – but it takes most organizations a month to update their networks
Patch Tuesday Microsoft and Adobe have teamed up to give users and sysadmins plenty of work to do this week. The February edition of Patch Tuesday includes more than 70 CVE-listed vulnerabilities from each vendor – yes, each – as well as a critical security fix from Cisco. You should patch them as soon as it is possible. For Redmond, the February dump covers 77 CVE-listed bugs across Windows, Office, and Edge/IE. Among the most potentially serious was CVE-2019-0626, a remote code execution v...