{"id":11326,"date":"2019-10-03T22:29:38","date_gmt":"2019-10-03T20:29:38","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=11326"},"modified":"2023-02-14T15:36:42","modified_gmt":"2023-02-14T14:36:42","slug":"internet-explorer-cumulative-update-kb4524135-10-03-2019","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2019\/10\/03\/internet-explorer-cumulative-update-kb4524135-10-03-2019\/","title":{"rendered":"Internet Explorer: Cumulative Update KB4524135 (10\/03\/2019)"},"content":{"rendered":"<p><img decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"http:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/11\/IE.jpg\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2019\/10\/03\/internet-explorer-kumulatives-update-kb4524135-3-10-2019\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]Microsoft finally released the cumulative security update KB4524135 for Internet Explorer versions 9 to 11 on October 3, 2019 to close a vulnerability that had become known in September.<\/p>\n<p><!--more--><\/p>\n<h2>The vulnerability CVE-2019-1367 in IE<\/h2>\n<p><img loading=\"lazy\" decoding=\"async\" src=\"https:\/\/vg01.met.vgwort.de\/na\/444385a0d47e451ca230cd1c0bff3bd9\" alt=\"\" width=\"1\" height=\"1\" \/>On September 23, 2019, Microsoft had surprisingly released out-of-band security updates for Internet Explorer that were intended to close the CVE-2019-1367 vulnerability.<\/p>\n<blockquote><p>CVE-2019-1367 is a memory corruption vulnerability in IE's scripting engine. This is related to the handling of objects in Internet Explorer memory by the scripting engine. The vulnerability could damage the memory to such an extent that an attacker could execute arbitrary code in the context of the current user.<\/p>\n<p>An attacker who successfully exploited the vulnerability is granted the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs, view, modify, or delete data, or create new accounts with full user privileges.<\/p><\/blockquote>\n<p>I had blogged about the updates available for the various Windows versions in the blog post <a href=\"https:\/\/borncity.com\/win\/2019\/09\/24\/windows-schwachstellen-in-ie-und-defender-23-9-2019\/\">Windows: Vulnerabilities in IE and Defender (09\/23\/2019)<\/a>. According to KB article, the security updates were only available for manual download in the Microsoft Update Catalog und had to be installed manually. However, there were printing issue with the September updates and Microsoft blamed the IE security update for this (see <a href=\"https:\/\/borncity.com\/win\/2019\/10\/01\/windows-printer-issues-after-sept-2019-update-confirmed\/\">Windows: Printer issues after Sept. 2019 Update confirmed<\/a>).<\/p>\n<h2>Update KB4524135 for Internet Explorer<\/h2>\n<p>Cumulative Update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4524135\/cumulative-security-update-for-internet-explorer\">KB4524135<\/a>, released on October 3, 2019, is available for Internet Explorer 9 \u2013 11 for the following Windows versions:<\/p>\n<ul>\n<li>Internet Explorer 11 on Windows Server 2012 R2<\/li>\n<li>Internet Explorer 11 on Windows Server 2012<\/li>\n<li>Internet Explorer 11 on Windows Server 2008 R2 SP1<\/li>\n<li>Internet Explorer 11 on Windows 8.1 Update<\/li>\n<li>Internet Explorer 11 on Windows 7 SP1<\/li>\n<li>Internet Explorer 10 on Windows Server 2012<\/li>\n<li>Internet Explorer 9 on Windows Server 2008 SP2<\/li>\n<\/ul>\n<p>The cumulative update addresses again the CVE-2019-1367 vulnerability, and this time it is shipped via both Windows Update and WSUS. The update can also be downloaded from the Microsoft Update Catalog and installed manually.<\/p>\n<p>Before installing the IE update <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4524135\/cumulative-security-update-for-internet-explorer\">KB4524135<\/a>, the installation of Servicing Stack Update (SSU) (<a href=\"https:\/\/support.microsoft.com\/help\/4490628\" target=\"_blank\" rel=\"noopener noreferrer\">KB4490628<\/a>) or newer (if available) is recommended. In addition, the SHA-2 update (<a href=\"https:\/\/support.microsoft.com\/help\/4474419\" target=\"_blank\" rel=\"noopener noreferrer\">KB4474419<\/a>) dated September 10, 2019 must have been installed under Windows 7 and Windows Server 2008\/R2.<\/p>\n<p>Microsoft also recommends that you install the latest Servicing Stack Update (SSU) (<a href=\"https:\/\/support.microsoft.com\/help\/4516655\" target=\"_blank\" rel=\"noopener noreferrer\">KB4516655<\/a>) under Windows 7\/Server 2008\/R2 after installing the update. If a language pack is subsequently installed, update KB4524135 must be reinstalled. The support article <a href=\"https:\/\/support.microsoft.com\/en-us\/help\/4524135\/cumulative-security-update-for-internet-explorer\">KB4524135<\/a> lists known errors and further information that should be noted.<\/p>\n<blockquote><p>The printer issue mentioned below will be fixed in separate Windows-Updates.<\/p>\n<p>Addendum: See also my new article\u00a0<a href=\"https:\/\/borncity.com\/win\/2019\/10\/05\/windows-ie-issues-and-confusion-with-updates-from-10-03-2019\/\" rel=\"bookmark\">Windows\/IE: Issues and confusion with updates (10\/03\/2019)<\/a>\u00a0discussing new\/old issues.<\/p><\/blockquote>\n<p><strong>Similar articles:<\/strong><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/24\/windows-schwachstellen-in-ie-und-defender-23-9-2019\/\">Windows: Vulnerabilities in IE and Defender (09\/23\/2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/10\/01\/windows-printer-issues-after-sept-2019-update-confirmed\/\">Windows: Printer issues after Sept. 2019 Update confirmed<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/30\/windows10-v1903-update-kb4517211-causes-printer-issues\/\">Windows10 V1903: Update KB4517211 causes printer issues<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/09\/27\/windows-10-issues-with-updates-kb4522015-kb4522016-kb4517211-sept-2019\/\">Windows 10: Issues with Updates KB4522015, KB4522016 \/ KB4517211 (Sept. 2019)<\/a><br \/>\n<a href=\"https:\/\/borncity.com\/win\/2019\/10\/04\/windows-updates-fixes-printer-bug-oct-3-2019\/\" rel=\"bookmark\">Windows Updates fixes printer bug (Oct. 3, 2019)<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]Microsoft finally released the cumulative security update KB4524135 for Internet Explorer versions 9 to 11 on October 3, 2019 to close a vulnerability that had become known in September.<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[580,22,2],"tags":[42,2128,195,194],"class_list":["post-11326","post","type-post","status-publish","format-standard","hentry","category-security","category-update","category-windows","tag-internet-explorer","tag-kb4524135","tag-update","tag-windows"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11326","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=11326"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/11326\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=11326"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=11326"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=11326"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}