Operating System:

[Win]

Published:

13 February 2019

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2019.0052
            Internet Explorer multiple vulnerabilities patched
                             13 February 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Internet Explorer 11
                      Internet Explorer 10
                      Internet Explorer 9
Operating System:     Windows
Impact/Access:        Execute Arbitrary Code/Commands -- Remote with User Interaction
                      Provide Misleading Information  -- Remote with User Interaction
                      Access Confidential Data        -- Remote with User Interaction
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-0676 CVE-2019-0654 CVE-2019-0606
Member content until: Friday, March 15 2019
Reference:            ASB-2019.0051
                      ASB-2019.0049

OVERVIEW

        Microsoft has released its monthly security patch update for the month of February 2019.
        
        This update resolves 3 vulnerabilities across the following products: [1]
        
         Internet Explorer 10
         Internet Explorer 11
         Internet Explorer 9


IMPACT

        Microsoft has given the following details regarding these vulnerabilities.
        
         Details         Impact                   Severity
          Remote Code Execution    Critical
          Spoofing                 Important
          Information Disclosure   Important


MITIGATION

        Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1].
        
        
         KB4486996, KB4486474, KB4486563, KB4487020, KB4487044
         KB4487023, KB4487018, KB4487026, KB4487000, KB4487017
         KB4487025


REFERENCES

        [1] Security Update Guide
            https://portal.msrc.microsoft.com/en-us/security-guidance

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXGOZ5GaOgq3Tt24GAQgIvRAA3ZpsdaeISl7wvJV1U/Jab5haRmpROmzO
Rno8cGKc7teGiROOec/PeYwG/1WXKuTS40QiXbO4QbYsvxwo99gfpkGAo8K6dk1e
OoQQbv4BB+EAEbJ7GljmOlyMrkArOX4v9i9R7+xKRR+PbeV+hJ32guCC16BKrz1Q
Q9SU+Rsb5/x3wrwjTVODd4VwDKee+PdK9DZlLjBpDh30EE+MXzEAK/pkZml+j7b2
sDaXbgkL3tR8ATrKeiccojEIXoyAEAWOjw0St36WOuFKIxvsc1fjDa1YwmLFuQ8W
3wQFwQpdJoT9mIskiDMorViMTUr/xfiqc1/ImHvVhJ5hKcaNT5wpYkq9eDgpntdV
WIzP7Iqu600JwJdIPSwtQvYpj/xXU421o43e3ClDCnYGp2239s6FTHWpDPbzanbH
alT3Nm0W1bA5S/TvTtyGiiYQaLC8EhuOzf+3vRy5CznBpHTZeNWVyzcQ8d/P2OVW
FyRdtzHD6mm956r8hNhFbsVbbusayOcfBG5fHSpp23fAjWRtrKryKIUBpzcmXRnZ
dgQCcCGzXeu+ldoW01OCxbJy25UFMDoJgLX+f2RL/6occbNimWZvYujqmSCNEbKn
o5nqR6sTnBqGZFuDYMlnBmoz8z9TjmV1AunC6syiFC8nv5F73uYyfk5q0w+F+ebW
v0dF/WUxqHE=
=9Wus
-----END PGP SIGNATURE-----