Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT Security Bulletin ASB-2020.0097 Microsoft Patch Tuesday update for Microsoft Internet Explorer for May 2020 13 May 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Microsoft Internet Explorer Operating System: Windows Impact/Access: Execute Arbitrary Code/Commands -- Remote with User Interaction Access Confidential Data -- Existing Account Reduced Security -- Remote with User Interaction Resolution: Patch/Upgrade CVE Names: CVE-2020-1093 CVE-2020-1092 CVE-2020-1065 CVE-2020-1064 CVE-2020-1062 CVE-2020-1060 CVE-2020-1058 CVE-2020-1037 CVE-2020-1035 Member content until: Friday, June 12 2020 Reference: ESB-2020.1621 ESB-2020.1254 ESB-2020.1110 OVERVIEW Microsoft has released its monthly security patch update for the month of May 2020. This update resolves 9 vulnerabilities across the following products: [1] ChakraCore Internet Explorer 11 IMPACT Microsoft has given the following details regarding these vulnerabilities. Details Impact Severity CVE-2020-1035 Remote Code Execution Important CVE-2020-1037 Remote Code Execution Critical CVE-2020-1058 Remote Code Execution Important CVE-2020-1060 Remote Code Execution Important CVE-2020-1062 Remote Code Execution Critical CVE-2020-1064 Remote Code Execution Critical CVE-2020-1065 Remote Code Execution Critical CVE-2020-1092 Remote Code Execution Important CVE-2020-1093 Remote Code Execution Critical MITIGATION Microsoft recommends updating the software with the version made available on the Microsoft Update Catalogue for the following Knowledge Base articles. [1] KB4556807, KB4556846, KB4556826, KB4556813, KB4556840 KB4551853, KB4556799, KB4556836, KB4556798, KB4556812 REFERENCES [1] Security Update Guide https://portal.msrc.microsoft.com/en-us/security-guidance AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXrsseWaOgq3Tt24GAQgtahAAolR/TfjIzA8eqBOCfovwkvMe+SUt+jaP kXJavfChjGNmv5Xb8lVKeVwb4fsExfJEATUKEPViOJ1Rq51Z4fjZDU7QQdqKCkTu p3BO3jHoQoPQ887jdlxo7EzjlfKeyVwUO4ie0e8Of2dSK7ywjM0J/x95OtJO66zN KZCMo6rFrhZZr6DexiI7/1v0tPX2bISHk5FVzWskpW3sc4UoW0L25ORLUayOoSVA hMfHYLaHvoDtZYF9o+P45pV0trZgr83L4vBzJJCMxYpjpXn0ELNLmCZJWXwgjT5Y 2Qg4lbQEi6FsRbgBtuDcRQxuSvI0+gKqZL5XUEw7UWPV3vusQWLnJ9ZRhAdSsxG2 1k4TcJAvkDs2ZAxIaoTdgi+5PHvnZN2g+PybNTAlDSPDvANQzyskL+jiI6rCM2px l1W8K93bQKc+NwV1oxogUjxPIS7J7Y10w0T1+3eqZC5mgEsxWss9tJz4V7nFXWP5 tF7BuXWT9au8zL5CSlJc3qfXQqa3Po8ts/U4ke5N3PyyacUrRF3tLzhD3OZVX6vr jkUqSjoKjznD8GqXffwdoSWUyIxwH0wc9e4mTq8PRCoFEtHKEtjK5HTAqR2xyy1n 6MZIMCxBxC7Co+K07EdFIh8LLD4TSXes8rA98FU58Qsut7lG3XR5gUnyaVPtcWIC 9moparPIL3A= =2niA -----END PGP SIGNATURE-----