• 基础设施安全

  • 数据安全

  • 云计算安全

  • 工控安全

  • 物联网安全

  • 信息技术应用创新

  • 全部产品

  • 全部解决方案

基础设施安全


  • 政府

  • 运营商

  • 金融

  • 能源

  • 交通

  • 企业

  • 教育

  • 医疗

返回列表

【安全威胁通告】微软发布10月补丁修复61个安全问题

2019-10-09

 

 

 

综述  

 

微软于周二发布了10月安全更新补丁,修复了61个从简单的欺骗攻击到远程执行代码的安全问题,产品涉及Azure、Internet Explorer、Microsoft Browsers、Microsoft Devices、Microsoft Dynamics、Microsoft Edge、Microsoft Graphics Component、Microsoft JET Database Engine、Microsoft Office、Microsoft Office SharePoint、Microsoft scripting Engine、Microsoft Windows、Open Source Software、Secure Boot、Servicing Stack Updates、SQL Server、Windows Hyper-V、Windows IIS、Windows Installer、Windows Kernel、Windows NTLM、Windows RDP以及Windows Update Stack。

相关信息如下:

 
 
 
 
 
 
 
 
 

产品

CVE编号

CVE标题

严重程度

Azure

CVE-2019-1372

Azure App Service远程代码执行漏洞

Critical

Internet Explorer

CVE-2019-1371

Internet Explorer内存破坏漏洞

Important

Microsoft Browsers

CVE-2019-0608

Microsoft Browser欺骗漏洞

Important

Microsoft Browsers

CVE-2019-1357

Microsoft Browser欺骗漏洞

Important

Microsoft Devices

CVE-2019-1314

Windows 10 Mobile安全功能绕过漏洞

Important

Microsoft Dynamics

CVE-2019-1375

Microsoft Dynamics 365 (On-Premise) Cross Site scripting Vulnerability

Important

Microsoft Edge

CVE-2019-1356

Microsoft Edge based on Edge HTML信息泄露漏洞

Important

Microsoft Graphics Component

CVE-2019-1361

Microsoft Graphics Components信息泄露漏洞

Important

Microsoft Graphics Component

CVE-2019-1362

Win32k特权提升漏洞

Important

Microsoft Graphics Component

CVE-2019-1363

Windows GDI信息泄露漏洞

Important

Microsoft Graphics Component

CVE-2019-1364

Win32k特权提升漏洞

Important

Microsoft JET Database Engine

CVE-2019-1358

Jet Database Engine远程代码执行漏洞

Important

Microsoft JET Database Engine

CVE-2019-1359

Jet Database Engine远程代码执行漏洞

Important

Microsoft Office

CVE-2019-1327

Microsoft Excel远程代码执行漏洞

Important

Microsoft Office

CVE-2019-1331

Microsoft Excel远程代码执行漏洞

Important

Microsoft Office SharePoint

CVE-2019-1070

Microsoft Office SharePoint XSS Vulnerability

Important

Microsoft Office SharePoint

CVE-2019-1328

Microsoft SharePoint欺骗漏洞

Important

Microsoft Office SharePoint

CVE-2019-1329

Microsoft SharePoint特权提升漏洞

Important

Microsoft Office SharePoint

CVE-2019-1330

Microsoft SharePoint特权提升漏洞

Important

Microsoft scripting Engine

CVE-2019-1060

MS XML远程代码执行漏洞

Critical

Microsoft scripting Engine

CVE-2019-1307

Chakra scripting Engine内存破坏漏洞

Critical

Microsoft scripting Engine

CVE-2019-1308

Chakra scripting Engine内存破坏漏洞

Critical

Microsoft scripting Engine

CVE-2019-1238

vbscript远程代码执行漏洞

Critical

Microsoft scripting Engine

CVE-2019-1239

vbscript远程代码执行漏洞

Critical

Microsoft scripting Engine

CVE-2019-1335

Chakra scripting Engine内存破坏漏洞

Critical

Microsoft scripting Engine

CVE-2019-1366

Chakra scripting Engine内存破坏漏洞

Critical

Microsoft Windows

CVE-2019-1341

Windows Power Service特权提升漏洞

Important

Microsoft Windows

CVE-2019-1342

Windows Error Reporting Manager特权提升漏洞

Important

Microsoft Windows

CVE-2019-1344

Windows Code Integrity Module信息泄露漏洞

Important

Microsoft Windows

CVE-2019-1346

Windows拒绝服务漏洞

Important

Microsoft Windows

CVE-2019-1347

Windows拒绝服务漏洞

Important

Microsoft Windows

CVE-2019-1311

Windows Imaging API远程代码执行漏洞

Important

Microsoft Windows

CVE-2019-1315

Windows Error Reporting Manager特权提升漏洞

Important

Microsoft Windows

CVE-2019-1316

Microsoft Windows Setup特权提升漏洞

Important

Microsoft Windows

CVE-2019-1317

Microsoft Windows拒绝服务漏洞

Important

Microsoft Windows

CVE-2019-1318

Microsoft Windows Transport Layer Security欺骗漏洞

Important

Microsoft Windows

CVE-2019-1319

Windows Error Reporting特权提升漏洞

Important

Microsoft Windows

CVE-2019-1320

Microsoft Windows特权提升漏洞

Important

Microsoft Windows

CVE-2019-1321

Microsoft Windows CloudStore特权提升漏洞

Important

Microsoft Windows

CVE-2019-1322

Microsoft Windows特权提升漏洞

Important

Microsoft Windows

CVE-2019-1325

Windows Redirected Drive Buffering System特权提升漏洞

Moderate

Microsoft Windows

CVE-2019-1338

Windows NTLM安全功能绕过漏洞

Important

Microsoft Windows

CVE-2019-1339

Windows Error Reporting Manager特权提升漏洞

Important

Microsoft Windows

CVE-2019-1340

Microsoft Windows特权提升漏洞

Important

Open Source Software

CVE-2019-1369

Open Enclave SDK信息泄露漏洞

Important

Secure Boot

CVE-2019-1368

Windows Secure Boot安全功能绕过漏洞

Important

Servicing Stack Updates

ADV990001

Latest Servicing Stack Updates

Critical

SQL Server

CVE-2019-1313

SQL Server Management Studio信息泄露漏洞

Important

SQL Server

CVE-2019-1376

SQL Server Management Studio信息泄露漏洞

Important

Windows Hyper-V

CVE-2019-1230

Hyper-V信息泄露漏洞

Important

Windows IIS

CVE-2019-1365

Microsoft IIS Server特权提升漏洞

Important

Windows Installer

CVE-2019-1378

Windows 10 Update Assistant特权提升漏洞

Important

Windows Kernel

CVE-2019-1343

Windows拒绝服务漏洞

Important

Windows Kernel

CVE-2019-1345

Windows Kernel信息泄露漏洞

Important

Windows Kernel

CVE-2019-1334

Windows Kernel信息泄露漏洞

Important

Windows NTLM

CVE-2019-1166

Windows NTLM Tampering Vulnerability

Important

Windows RDP

CVE-2019-1326

Windows Remote Desktop Protocol (RDP)拒绝服务漏洞

Important

Windows RDP

CVE-2019-1333

Remote Desktop Client远程代码执行漏洞

Critical

Windows Update Stack

CVE-2019-1323

Microsoft Windows Update Client特权提升漏洞

Important

Windows Update Stack

CVE-2019-1336

Microsoft Windows Update Client特权提升漏洞

Important

Windows Update Stack

CVE-2019-1337

Windows Update Client信息泄露漏洞

Important

 

 

 

 

修复建议

微软官方已经发布更新补丁,请及时进行补丁更新。

 

附件

ADV990001 - Latest Servicing Stack Updates

 
 
 
 
 
 
 
 
 

CVE ID

Vulnerability Description

Maximum Severity Rating

Vulnerability Impact

ADV990001
MITRE
NVD

CVE Title:Latest Servicing Stack Updates
Description:

This is a list of the latest servicing stack updates for each operating system. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.


FAQ:

1. Why are all of the Servicing Stack Updates (SSU) critical updates?

The SSUs are classified as Critical updates. This does not indicate that there is a critical vulnerability being addressed in the update.

2. When was the most recent SSU released for each version of Microsoft Windows?

Please refer to the following table for the most recent SSU release. We will update the entries any time a new SSU is released:

 
 
 
 
 
 

Product

SSU Package

Date Released

Windows Server 2008

4517134

September 2019

Windows 7/Server 2008 R2

4516655

September 2019

Windows Server 2012

4521857

October 2019

Windows 8.1/Server 2012 R2

4521864

October 2019

Windows 10

4521856

October 2019

Windows 10 Version 1607/Server 2016

4521858

October 2019

Windows 10 Version 1703

4521859

October 2019

Windows 10 1709

4521860

October 2019

Windows 10 1803/Windows Server version 1803

4521861

October 2019

Windows 10 1809/Server 2019

4521862

October 2019

Windows 10 1903/Windows Server version 1903

4521863

October 2019



Mitigations:
None
Workarounds:
None
Revision:
7.0    04/09/2019 07:00:00    

A Servicing Stack Update has been released for Windows Server 2008 and Windows Server 2008 (Server Core installation); Windows 10 version 1809 Windows Server 2019 and Windows Server 2019 (Server Core installation). See the FAQ section for more information.

5.0    02/12/2019 08:00:00    

A Servicing Stack Update has been released for Windows 10 Version 1607 Windows Server 2016 and Windows Server 2016 (Server Core installation); Windows 10 Version 1703; Windows 10 Version 1709 and Windows Server version 1709 (Server Core Installation); Windows 10 Version 1803 and Windows Server version 1803 (Server Core Installation). See the FAQ section for more information.

11.0    07/09/2019 07:00:00    

A Servicing Stack Update has been released for all supported versions of Windows 10 (including Windows Server 2016 and 2019) Windows 8.1 Windows Server 2012 R2 and Windows Server 2012. See the FAQ section for more information.

5.2    02/14/2019 08:00:00    

In the Security Updates table corrected the Servicing Stack Update (SSU) for Windows 10 Version 1803 for x64-based Systems to 4485449. This is an informational change only.

12.0    07/24/2019 07:00:00    

A Servicing Stack Update has been released for Windows 10 Version 1809 and Windows Server 2019. See the FAQ section for more information.

3.0    12/11/2018 08:00:00    

A Servicing Stack Update has been released for Windows 10 Version 1709 Windows Server version 1709 (Server Core Installation) Windows 10 Version 1803 and Windows Server version 1803 (Server Core Installation). See the FAQ section for more information.

6.0    03/12/2019 07:00:00    

A Servicing Stack Update has been released for Windows 7 and Windows Server 2008 R2 and Windows Server 2008 R2 (Server Core installation). See the FAQ section for more information.

9.0    06/11/2019 07:00:00    

A Servicing Stack Update has been released for Windows 10 version 1607 Windows Server 2016 Windows 10 version 1809 and Windows Server 2019. See the FAQ section for more information.

8.0    05/14/2019 07:00:00    

A Servicing Stack Update has been released for Windows 10 version 1507 Windows 10 version 1607 Windows Server 2016 Windows 10 version 1703 Windows 10 version 1709 Windows Server version 1709 Windows 10 version 1803 Windows Server version 1803 Windows 10 version 1809 Windows Server 2019 Windows 10 version 1809 and Windows Server version 1809. See the FAQ section for more information.

4.0    01/08/2019 08:00:00    

A Servicing Stack Update has been released for Windows 10 Version 1703. See the FAQ section for more information.

15.0    10/08/2019 07:00:00    

A Servicing Stack Update has been released for all supported versions of Windows 10 (including Windows Server 2016 and 2019) Windows 8.1 Windows Server 2012 R2 and Windows Server 2012. See the FAQ section for more information.

14.0    09/10/2019 07:00:00    

A Servicing Stack Update has been released for all supported versions of Windows. See the FAQ section for more information.

3.1    12/11/2018 08:00:00    

Updated supersedence information. This is an informational change only.

3.2    12/12/2018 08:00:00    

Fixed a typo in the FAQ.

1.1    11/14/2018 08:00:00    

Corrected the link to the Windows Server 2008 Servicing Stack Update. This is an informational change only.

1.0    11/13/2018 08:00:00    

Information published.

2.0    12/05/2018 08:00:00    

A Servicing Stack Update has been released for Windows 10 Version 1809 and Windows Server 2019. See the FAQ section for more information.

1.2    12/03/2018 08:00:00    

FAQs have been added to further explain Security Stack Updates. The FAQs include a table that indicates the most recent SSU release for each Windows version. This is an informational change only.

13.0    07/26/2019 07:00:00    

A Servicing Stack Update has been released for Windows 10 version 1903 and Windows Server version 1903 (Server Core installation). See the FAQ section for more information.

5.1    02/13/2019 08:00:00    

In the Security Updates table corrected the Servicing Stack Update (SSU) for Windows 10 Version 1809 for x64-based Systems to 4470788. This is an informational change only.

10.0    06/14/2019 07:00:00    

A Servicing Stack Update has been released for Windows 10 version 1903 and Windows Server version 1903 (Server Core installation). See the FAQ section for more information.

Critical

Defense in Depth

Affected Software

The following tables list the affected software details for the vulnerability.

 
 
 

ADV990001

Product

KB Article

Severity

Impact

Supersedence

CVSS Score Set

Restart Required

Windows 7 for 32-bit Systems Service Pack 1

4516655 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 7 for x64-based Systems Service Pack 1

4516655 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 R2 for x64-based Systems Service Pack 1 (Server Core installation)

4516655 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 R2 for Itanium-Based Systems Service Pack 1

4516655 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 R2 for x64-based Systems Service Pack 1

4516655 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 for 32-bit Systems Service Pack 2 (Server Core installation)

4517134 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2012

4512939 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2012 (Server Core installation)

4512939 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 8.1 for 32-bit systems

4512938 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 8.1 for x64-based systems

4512938 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2012 R2

4512938 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2012 R2 (Server Core installation)

4512938 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 for 32-bit Systems

4521856 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 for x64-based Systems

4521856 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2016

4521858 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1607 for 32-bit Systems

4521858 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1607 for x64-based Systems

4521858 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2016 (Server Core installation)

4521858 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1703 for 32-bit Systems

4521859 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1703 for x64-based Systems

4521859 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1709 for 32-bit Systems

4521860 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1709 for x64-based Systems

4521860 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1803 for 32-bit Systems

4521861 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1803 for x64-based Systems

4521861 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server version 1803 (Server Core Installation)

4521861 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1803 for ARM64-based Systems

4521861 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1809 for 32-bit Systems

4521862 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1809 for x64-based Systems

4521862 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1809 for ARM64-based Systems

4521862 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2019

4521862 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2019 (Server Core installation)

4521862 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1709 for ARM64-based Systems

4521860 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1903 for 32-bit Systems

4521863 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1903 for x64-based Systems

4521863 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows 10 Version 1903 for ARM64-based Systems

4521863 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server version 1903 (Server Core installation)

4521863 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 for Itanium-Based Systems Service Pack 2

4517134 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 for 32-bit Systems Service Pack 2

4517134 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 for x64-based Systems Service Pack 2

4517134 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

Windows Server 2008 for x64-based Systems Service Pack 2 (Server Core installation)

4517134 Servicing Stack Update

Critical

Defense in Depth

 

Base: N/A
Temporal: N/A
Vector: N/A

Yes

CVE-2019-0608 - Microsoft Browser Spoofing Vulnerability

 
 
 
 
 
 
 
 
 

CVE ID

Vulnerability Description

Maximum Severity Rating

Vulnerability Impact

CVE-2019-0608
MITRE
NVD

CVE Title:Microsoft Browser Spoofing Vulnerability
Description:

A spoofing vulnerability exists when Microsoft Browsers does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could impersonate a user request by crafting HTTP queries. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.

To exploit the vulnerability the user must click a specially crafted URL. In an email attack scenario an attacker could send an email message containing the specially crafted URL to the user in an attempt to convince the user to click it.

In a web-based attack scenario an attacker could host a specially crafted website designed to appear as a legitimate website to the user. However the attacker would have no way to force the user to visit the specially crafted website. The attacker would have to convince the user to visit the specially crafted website typically by way of enticement in an email or instant message and then convince the user to interact with content on the website.

The update addresses the vulnerability by correcting how Microsoft Browsers parses HTTP responses.


FAQ:
None
Mitigations:
None
Workarounds:
None
Revision:
1.0    10/08/2019 07:00:00    

Information published.

Important

Spoofing

Affected Software

The following tables list the affected software details for the vulnerability.

 
 
 

您的联系方式

*姓名
*单位名称
*联系方式
*验证码
提交到邮箱

购买热线

  • 购买咨询:

    400-818-6868-1

  • 服务热线:

    010-68438880-5069

  • 投诉专线:

    010-59610080

提交项目需求

欢迎加入绿盟科技,成为我们的合作伙伴!
  • *请描述您的需求
  • *最终客户名称
  • *项目名称
  • 您感兴趣的产品
  • 项目预算
您的联系方式
  • *姓名
  • *联系电话
  • *邮箱
  • *职务
  • *公司
  • *城市
  • *行业
  • *验证码
  • 提交到邮箱

微博

微信

服务热线

400-818-6868

服务时间

7*24小时

© 2020 NSFOCUS 绿盟科技 www.nsfocus.com All Rights Reserved . 京公网安备 11010802021605号 京ICP备14004349号 京ICP证110355号

CVE-2019-0608

Product

KB Article

Severity

Impact

Supersedence

CVSS Score Set

Restart Required

Internet Explorer 9 on Windows Server 2008 for 32-bit Systems Service Pack 2

4519974 IE Cumulative
4520002 Monthly Rollup

Low

Spoofing

4516026

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 9 on Windows Server 2008 for x64-based Systems Service Pack 2

4519974 IE Cumulative
4520002 Monthly Rollup

Low

Spoofing

4516026

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 7 for 32-bit Systems Service Pack 1

4519974 IE Cumulative
4519976 Monthly Rollup

Important

Spoofing

4524157

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 7 for x64-based Systems Service Pack 1

4519974 IE Cumulative
4519976 Monthly Rollup

Important

Spoofing

4524157

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows Server 2008 R2 for x64-based Systems Service Pack 1

4519974 IE Cumulative
4519976 Monthly Rollup

Low

Spoofing

4524157

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows Server 2012

4519974 IE Cumulative

Low

Spoofing

4524135

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 8.1 for 32-bit systems

4519974 IE Cumulative
4520005 Monthly Rollup

Important

Spoofing

4524156

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 8.1 for x64-based systems

4519974 IE Cumulative
4520005 Monthly Rollup

Important

Spoofing

4524156

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows Server 2012 R2

4519974 IE Cumulative
4520005 Monthly Rollup

Low

Spoofing

4524156

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows RT 8.1

4520005 Monthly Rollup

Important

Spoofing

4524156

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 for 32-bit Systems

4520011 Security Update

Important

Spoofing

4524153

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 for x64-based Systems

4520011 Security Update

Important

Spoofing

4524153

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows Server 2016

4519998 Security Update

Low

Spoofing

4524152

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1607 for 32-bit Systems

4519998 Security Update

Important

Spoofing

4524152

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1607 for x64-based Systems

4519998 Security Update

Important

Spoofing

4524152

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1703 for 32-bit Systems

4520010 Security Update

Important

Spoofing

4524151

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1703 for x64-based Systems

4520010 Security Update

Important

Spoofing

4524151

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1709 for 32-bit Systems

4520004 Security Update

Important

Spoofing

4524150

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1709 for x64-based Systems

4520004 Security Update

Important

Spoofing

4524150

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1803 for 32-bit Systems

4520008 Security Update

Important

Spoofing

4524149

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1803 for x64-based Systems

4520008 Security Update

Important

Spoofing

4524149

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1803 for ARM64-based Systems

4520008 Security Update

Important

Spoofing

4524149

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1809 for 32-bit Systems

4519338 Security Update

Important

Spoofing

4524148

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1809 for x64-based Systems

4519338 Security Update

Important

Spoofing

4524148

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1809 for ARM64-based Systems

4519338 Security Update

Important

Spoofing

4524148

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows Server 2019

4519338 Security Update

Low

Spoofing

4524148

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1709 for ARM64-based Systems

4520004 Security Update

Important

Spoofing

4524150

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1903 for 32-bit Systems

4517389 Security Update

Important

Spoofing

4524147

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1903 for x64-based Systems

4517389 Security Update

Important

Spoofing

4524147

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 11 on Windows 10 Version 1903 for ARM64-based Systems

4517389 Security Update

Important

Spoofing

4524147

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Internet Explorer 10 on Windows Server 2012

4520007 Monthly Rollup
4519974 IE Cumulative

Low

Spoofing

4524135

Base: 2.4
Temporal: 2.2
Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C

Yes

Microsoft Edge (EdgeHTML-based) on Windows 10 for 32-bit Systems

4520011 Security Update

Important

Spoofing

4524153

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Yes

Microsoft Edge (EdgeHTML-based) on Windows 10 for x64-based Systems

4520011 Security Update

Important

Spoofing

4524153

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Yes

Microsoft Edge (EdgeHTML-based) on Windows Server 2016

4519998 Security Update

Low

Spoofing

4524152

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Yes

Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for 32-bit Systems

4519998 Security Update

Important

Spoofing

4524152

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Yes

Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1607 for x64-based Systems

4519998 Security Update

Important

Spoofing

4524152

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Yes

Microsoft Edge (EdgeHTML-based) on Windows 10 Version 1703 for 32-bit Systems

4520010 Security Update

Important

Spoofing

4524151

Base: 4.3
Temporal: 3.9
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N/E:P/RL:O/RC:C

Yes