Security Updates for Internet Explorer (September 2017)

High Nessus Plugin ID 104896

Synopsis

The Internet Explorer installation on the remote host is affected by multiple vulnerabilities.

Description

The Internet Explorer installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities :

- An information disclosure vulnerability exists when affected Microsoft scripting engines do not properly handle objects in memory. The vulnerability could allow an attacker to detect specific files on the user's computer. (CVE-2017-8529)

- A remote code execution vulnerability exists when Microsoft browsers improperly access objects in memory.
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. (CVE-2017-8750)

- A spoofing vulnerability exists when Internet Explorer improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was visiting a legitimate website. The specially crafted website could either spoof content or serve as a pivot to chain an attack with other vulnerabilities in web services.
(CVE-2017-8733)

- A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory.
The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. (CVE-2017-8747, CVE-2017-8749)

- A remote code execution vulnerability exists in the way that Microsoft browser JavaScript engines render content when handling objects in memory. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Microsoft browsers and then convince a user to view the website. An attacker could also embed an ActiveX control marked "safe for initialization" in an application or Microsoft Office document that hosts the related rendering engine.
The attacker could also take advantage of compromised websites, and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. (CVE-2017-8741, CVE-2017-8748)

- An information disclosure vulnerability exists in Microsoft browsers due to improper parent domain verification in certain functionality. An attacker who successfully exploited the vulnerability could obtain specific information that is used in the parent domain.
(CVE-2017-8736)

Solution

Microsoft has released security updates for the affected versions of Internet Explorer.

See Also

http://www.nessus.org/u?26b484bb

http://www.nessus.org/u?085e4d22

http://www.nessus.org/u?35364720

http://www.nessus.org/u?1dbb18cc

Plugin Details

Severity: High

ID: 104896

File Name: smb_nt_ms17_sep_internet_explorer.nasl

Version: 1.7

Type: local

Agent: windows

Published: 2017/11/30

Updated: 2018/08/03

Dependencies: 13855, 93962, 57033

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.6

Temporal Score: 6.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

CVSS v3.0

Base Score: 7.5

Temporal Score: 7.2

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:H/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:microsoft:windows, cpe:/a:microsoft:ie

Required KB Items: SMB/MS_Bulletin_Checks/Possible

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2017/11/23

Vulnerability Publication Date: 2017/11/23

Reference Information

CVE: CVE-2017-8529, CVE-2017-8733, CVE-2017-8736, CVE-2017-8741, CVE-2017-8747, CVE-2017-8748, CVE-2017-8749, CVE-2017-8750

BID: 98953, 100737, 100743, 100764, 100765, 100766, 100770, 100771

MSKB: 4036586, 4038792, 4038799, 4038777

MSFT: MS17-4036586, MS17-4038792, MS17-4038799, MS17-4038777