My next class:
Reverse-Engineering Malware: Advanced Code AnalysisOnline | Greenwich Mean TimeOct 28th - Nov 1st 2024

Microsoft OOB Patch for Internet Explorer: Scripting Engine Memory Corruption Vulnerability

Published: 2018-12-19. Last Updated: 2018-12-19 19:16:50 UTC
by Xavier Mertens (Version: 1)
0 comment(s)

Microsoft just published an out-of-band patch for Internet Explorer. It fixes a memory corruption vulnerability in the scripting engine. This vulnerabiliy is identified as CVE-2018-8653.

When successfully exploited, Internet Explorer could execute arbitrary code in the context of the current user. To exploit the vulnerability, the victim must just visit a malicious web page delivered through a phishing email or social engineering. 

Internet Explorer version 9, 10 & 11 are affected. For a detailed list of the affected systems, Microsoft published the details here: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653.

Please install the provided patches as soon as possible!

Xavier Mertens (@xme)
Senior ISC Handler - Freelance Cyber Security Consultant
PGP Key

0 comment(s)
My next class:
Reverse-Engineering Malware: Advanced Code AnalysisOnline | Greenwich Mean TimeOct 28th - Nov 1st 2024

Comments


Diary Archives