Affected Software: Internet Explorer 11 on Windows Server 2012 R2, Internet Explorer 11 on Windows Server 2012, Internet Explorer 11 on Windows Server 2008 R2 SP1, Internet Explorer 11 on Windows 8.1, Internet Explorer 11 on Windows 7 SP1, Internet Explorer 10 on Windows Server 2012, Internet Explorer 9 on Windows Server 2008 SP2.
Type: Remote Code Execution
Exploit Status: Exploited but not Public
Vulnerability Summary: A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could run arbitrary code in the context of the current user.
If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
The IE vulnerability stems from how the browser's scripting engine handles objects in memory. The flaw permits an attacker to "execute code in the context of the current user," including system administrators if that's the case. It's present in IE 11 on Windows 10 and Windows Server 2019, IE 10 on Windows Server 2012, and IE 9 on Windows Server 2008 Service Pack 2.
Impact: Remote Code Execution allowing an attacker to run arbitrary code.
Mitigation: Ingalls encourages clients and partners to immediately deploy Cumulative security update for Internet Explorer: September 23, 2019 (https://support.microsoft.com/en-us/help/4522007/cumulative-security-update-for-internet-explorer)
Ingalls recommends the following the fix actions as recommended by Microsoft:
Update all versions of Internet Explorer on all Windows PC and Server platforms using the link above for installation instructions and update downloads.