Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2019.0074 Microsoft Internet Explorer 13 March 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Internet Explorer Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Provide Misleading Information -- Remote with User Interaction Access Confidential Data -- Remote with User Interaction Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2019-0783 CVE-2019-0780 CVE-2019-0768 CVE-2019-0763 CVE-2019-0762 CVE-2019-0761 CVE-2019-0746 CVE-2019-0680 CVE-2019-0676 CVE-2019-0667 CVE-2019-0666 CVE-2019-0665 CVE-2019-0654 CVE-2019-0609 CVE-2019-0606 Member content until: Friday, April 12 2019 Reference: ASB-2019.0052 ASB-2019.0051 ASB-2019.0049 OVERVIEW Microsoft has released its monthly security patch update for the month of March 2019. This update resolves 15 vulnerabilities across the following products: [1] Internet Explorer 10 Internet Explorer 11 Internet Explorer 9 IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity CVE-2019-0606 Remote Code Execution Critical CVE-2019-0609 Remote Code Execution Critical CVE-2019-0654 Spoofing Important CVE-2019-0665 Remote Code Execution Important CVE-2019-0666 Remote Code Execution Critical CVE-2019-0667 Remote Code Execution Critical CVE-2019-0676 Information Disclosure Important CVE-2019-0680 Remote Code Execution Critical CVE-2019-0746 Remote Code Execution Important CVE-2019-0761 Security Feature Bypass Important CVE-2019-0762 Security Feature Bypass Important CVE-2019-0763 Remote Code Execution Critical CVE-2019-0768 Security Feature Bypass Important CVE-2019-0780 Remote Code Execution Important CVE-2019-0783 Remote Code Execution Important MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Cataloge for the following Knowledge Base articles. [1]. KB4487018, KB4489882, KB4486996, KB4487026, KB4487025 KB4489881, KB4489868, KB4486563, KB4487020, KB4489886 KB4489880, KB4489899, KB4489891, KB4486474, KB4487044 KB4487000, KB4489872, KB4489871, KB4487017, KB4489873 KB4489878 REFERENCES [1] Security Update Guide https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXIhNJmaOgq3Tt24GAQgFeg/9GXOj0su31V0H0+xdidp0k3dOZEN54nSO alls8lL6KJhqdh5+EUaWi/PN5jFlUOkuZ+RaJX5LvWHZfRmRhwenFYqAyiMbKnlA cX5rbyXGbaygBmJ53GnEQygRWAI9H7ftiyQan1rd0swHdAlWrwWVtOPTnFmE1ExQ MmoyL5Mxs0t31iuzyPoh52o+2uzdh7D6Eebz4MFEv9j3kDtfiVMsHIG1vgAAopTk IWvEGLKod2utTiRofQE94GHJuNmkYYtY9QkxCLIGfRdATAUWPo29aDbMo+8Y2NGi i/g/1agkvqjk5/3cM2SeDt0p1oHdq9L5oqQQL6AsGaxrJ0hfAFGPaHVtRLnGIapk /N92AuuHNhZWBy2XlPnzg13mD+/e0y9H8WeYmJD0+wHU86QdLbgHEruAI/73Jq9q XdXQj4nkUFY2Lx/FN4tJdlRge6oJgDEyJRRXMj3SxvoM+Yyk03v5uIDyRNsIGNc5 McP+5yctfF37QAhkgHWZyyHezyyb81emAQ39NLO9OmajwVoCorhiserLsAG12WLc NgwlC6xjMxKtlYAHt4+57IFhoYI0bxD1LHWHtZRlqqJwu6Yzy3YtYl6gGti3cyHw 2VlipPCJOBQA67vg4hd6FCpksPSpsAbrffewjOHmUX5yz2vhQOdWjWMvd4Hhc7UU aW+EQJU6EXM= =IDoW -----END PGP SIGNATURE-----