{"id":13127,"date":"2020-02-13T00:13:00","date_gmt":"2020-02-12T23:13:00","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=13127"},"modified":"2024-10-05T18:41:04","modified_gmt":"2024-10-05T16:41:04","slug":"internet-explorer-security-update-kb4537767-feb-2020","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2020\/02\/13\/internet-explorer-security-update-kb4537767-feb-2020\/","title":{"rendered":"Internet Explorer Security Update KB4537767 (Feb. 2020)"},"content":{"rendered":"

[German<\/a>]Microsoft also released the KB4537767 cumulative security update for Internet Explorer on February 11, 2020. Here is some information about this update.<\/p>\n

<\/p>\n

The vulnerability CVE-2020-0674 in IE<\/h2>\n

\"\"Cumulative security update KB4537767 for Internet Explorer patches the 0-day vulnerability CVE-2020-0674, which was reported in mid-January 2020. This vulnerability was discovered by Cl\u00e9ment Lecigne of the Google Threat Analysis Group and Ella Yu of Qihoo 360. <\/p>\n

\n

There is a memory corruption vulnerability in the scripting engine used by Internet Explorer. When objects are executed by the Scripting Engine in Internet Explorer, memory overflows or corruption may occur. As a result, attackers can use prepared Web pages to corrupt IE's memory in such a way that remote code can be infiltrated and executed. <\/p>\n<\/blockquote>\n

I had reported in the blog post Warning: 0-Day vulnerability in Internet Explorer (01\/17\/2020)<\/a>. I also described the workaround, suggested by Microsoft, within this blog post. But the workaround causes some collateral damage, mentioned within my post.<\/p>\n

Update KB4537767 for Internet Explorer<\/h2>\n

On 11 February 2020, Microsoft then released the cumulative security update KB4537767<\/a> for Internet Explorer. The update applies to the:<\/p>\n