View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
September 24, 2019

Microsoft Pushes Out Emergency Patch for Internet Explorer, after Google Reports a Zero Day

Microsoft have released a workaround...

By CBR Staff Writer

Microsoft has pushed out two emergency patches after an Internet Explorer zero day was spotted by Google security researchers being exploited in the wild.

CVE-2019-1367 is a vulnerability in IE’s scripting engine. It could be exploited by creating a “watering hole” website: when a user is tricked into visiting this, an attacker could take over their machine using remote code execution (RCE).

The scripting engine is responsible for handling objects in the memory of Internet Explorer. Microsoft noted: “The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.”

Read this: Chrome 78 “Severely Degrades” Microsoft Cloud Services

The Redmond software firm confirmed that it has already being exploited in the wild, and released a security update that changes how the scripting engine handles objects in memory. An RCE vulnerability means an attacker could take over a system and make changes regardless of where that device is located.

The actual details of the vulnerability and how it was exploited are a bit sparse, but Microsoft give away some clues as they note that in one scenario a threat actor could create a website and then trick an Internet Explorer user to visit it.

Once there Microsoft notes that: “If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system.”

Internet Explorer Remote Code Execution

The vulnerability was first discovered by Clément Lecigne, a member of Google’s Threat Analysis Group.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

Microsoft have quickly released a patch for Internet Explore that fixes the issue, but it’s not included in today’s general Windows update. Instead those who wish to fix the issue have a few options. The simplest is to download a security update for your version of Internet Explorer from the listed security updates found here.

Otherwise you can use the mitigation/workaround for the vulnerability CVE-2019-1367 in which Microsoft are advising users to do the following.

Internet Explore Remote Code Execution

However, Microsoft is warning those that do chose to implement this workaround that they may have ‘reduced functionality’ in features or items that use jscript.dll. Internet Explorer versions 11, 10 and 9 will apparently not experience reduced functionally steaming from jscript.dll issues, but all others will.

Not taking any chances Microsoft has provide the community with command prompt to undo the work around detailed above.

Internet Explore Remote Code Execution

One small mercy: hardly anyone users Internet Explorer.

Stats fluctuate, but between one to two percent of all websites visited are done so via Microsoft’s legacy browser.

See Also: Microsoft Admits That Windows 10 Update 1903 is Knocking Out Wi-Fi

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.