TTCSIRT-337.08.19.20: TT-CSIRT ADVISORY – Microsoft Internet Explorer Scripting Engine Memory Corruption

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system.

Applying a patch is able to eliminate this problem. Mitigation instructions has been published at the following link:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1570

If you have any queries or comments with regards to this advisory, please feel free to contact TTCSIRT via contacts@ttcsirt.gov.tt