漏洞类别:Internet Explorer
漏洞等级: 
漏洞信息
Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems.
Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabilities found in Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10) and Internet Explorer 11 (IE 11). The security updated is rated Moderate for for Internet Explorer 9 (IE 9) and Internet Explorer 10 (IE 10) and Critical for Internet Explorer 11 (IE 11).
The Security Update addresses the vulnerabilities by fixing:
1) The update addresses the vulnerability by fixing how Internet Explorer browser validates UMCI policies.. (CVE-2017-8625)
2) The update addresses the vulnerability by modifying Microsoft browser JavaScript scripting engines objects in memory. (CVE-2017-8635)
3) The update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines objects in memory. (CVE-2017-8636)
4) The update addresses the vulnerability by modifying how Microsoft browser JavaScript scripting engines objects in memory. (CVE-2017-8641)
5) The update addresses the vulnerability by modifying how Internet Explorer handles objects in memory (CVE-2017-8651)
6) The update addresses the vulnerability by modifying how Microsoft browser handles objects in memory. (CVE-2017-8653)
7) The update addresses the vulnerability by modifying how Microsoft browser handles objects in memory. (CVE-2017-8669)
KB Articles associated with the Update:
1) 4034660
2) 4034658
3) 4034668
4) 4034681
5) 4034733
6) 4034674
7) 4034665
8) 4034664
漏洞危害
Successful exploitation of the vulnerability may allow the attacker to cause:
1) Remote Code Execution
2) Security Feature bypass
解决方案
For more information, Customers are advised to refer the Security Update Guide.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0daybank
文章评论