|
|
|||
| Rule General Information |
|---|
| Release Date: | 2018-03-13 | |
| Rule Name: | WEB-CLIENT Microsoft Edge and Microsoft Internet Explorer Remote Memory Corruption Vulnerability (CVE-2017-8524) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Microsoft browsers in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allow an attacker to execute arbitrary code in the context of the current user when the JavaScript engines fail to render when handling objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability". | |
| Impact: | An attacker can execute arbitrary code in the context of the vulnerable system. Failed exploit may cause denial-of-service attack. | |
| Affected OS: | Windows | |
| Reference: | SecurityFocusBID:98930 SecurityTrackerID:1038673 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8524 |
|
| Solutions |
|---|
| Apply patch KB4022726 to eliminate the vulnerability. The download link is at: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4022726 |