Overview of Windows/Internet Explorer Security Patch
Microsoft has advised Windows/Internet Explorer users to install an “emergency” out-of-band security patch (i.e. not released on patch-Tuesday) for a recently detected Zero-Day-Exploit (i.e an exploit that has already been actively used prior to the release of the patch).
A security flaw in some versions of Internet Explorer could allow an attacker to remotely run malicious code on an affected device. A user could be stealthily infected by visiting a malicious web page or by being tricked into clicking on a link in an email. “An attacker who successfully exploited the vulnerability could take control of an affected system,” said Microsoft.
Microsoft also issued a fix for its in-built malware scanner Windows Defender, which if exploited, could have triggered a denial-of-service condition resulting in the app failing to work.
|Application Affect:||Internet Explorer 9, 10 and 11|
|Link to Mitre Advisory:||https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-1367|
|Link to NIST Advisory:||https://nvd.nist.gov/vuln/detail/CVE-2019-1367|
|Link to Microsoft Advisory:||https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367|
As a Patchworx Client…
We are always working, 24x7x365, to make sure your systems are patched and secured. Our valued Patchworx clients received the below message from us shortly after the Microsoft advisory.