漏洞类别:Windows
漏洞等级: 
漏洞信息
This security update is rated Critical for Microsoft Edge on Windows 10. The update patches the vulnerabilities by:
modifying how Microsoft browsers handles objects in memory.
modifying how the Chakra JavaScript scripting engine handles objects in memory.
changing how the XSS filter in Microsoft browsers handle RegEx.
correcting how the Microsoft Edge parses HTTP responses.
漏洞危害
The most severe of the vulnerabilities could allow attacker to perform remote code execution, by corrupting browser memory, by corrupting the scripting engine memory. An attacker who successfully exploited the vulnerabilities could gain the same user rights as the current user.
解决方案
Customers are advised to refer to Microsoft Security Bulletin MS16-129 for details.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
MS16-129: Windows 10 for 32-bit Systems
MS16-129: Windows 10 for x64-based Systems
MS16-129: Windows 10 Version 1511 for 32-bit Systems
MS16-129: Windows 10 Version 1511 for x64-based Systems
MS16-129: Windows 10 Version 1607 for 32-bit Systems
0day
文章评论