Multiple vulnerabilities in https://www.cert-in.org.in/

Severity Rating: HIGH Software Affected • for 32-bit Systems •Windows 10 for x64-based Systems •Windows 10 Version 1607 for 32-bit Systems •Windows 10 Version 1607 for x64-based Systems •Windows 10 Version 1709 for 32-bit Systems •Windows 10 Version 1709 for 64-based Systems •Windows 10 Version 1709 for ARM64-based Systems •Windows 10 Version 1803 for 32-bit Systems •Windows 10 Version 1803 for ARM64-based Systems •Windows 10 Version 1803 for x64-based Systems •Windows 10 Version 1809 for 32-bit Systems •Windows 10 Version 1809 for ARM64-based Systems •Windows 10 Version 1809 for x64-based Systems •Windows 10 Version 1903 for 32-bit Systems •Windows 10 Version 1903 for ARM64-based Systems •Windows 10 Version 1903 for x64-based Systems •Windows 10 Version 1909 for 32-bit Systems •Windows 10 Version 1909 for ARM64-based Systems •Windows 10 Version 1909 for x64-based Systems • for 32-bit Systems Service Pack 1 •Windows 7 for x64-based Systems Service Pack 1 •.1 for 32-bit systems •Windows 8.1 for x64-based systems •Windows RT 8.1 •Windows 2008 for 32-bit Systems Service Pack 2 • 2008 for x64-based Systems Service Pack 2 • R2 for x64-based Systems Service Pack 1 •

Overview Multiple vulnerabilities have been reported in Microsoft Internet Explorer which could be exploited by a remote attacker to execute arbitrary code on a targeted system. Description 1. VBScript Remote Code Execution Vulnerabilities ( CVE-2020-1035 CVE-2020-1058 CVE-2020-1060 CVE-2020-1093 )

These vulnerabilities exist in Microsoft Internet Explorer due to improper handling of objects in the memory by the VBscript engine. A remote attacker could exploit this vulnerability by hosting a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to visit the website. The vulnerability can also be exploited via crafted Microsoft Office files, compromised websites and websites which accept or host user-provided content or advertisements. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code in the context of the current user.

2. Memory Corruption Vulnerabilities ( CVE-2020-1062 CVE-2020-1092 )

These vulnerabilities exist in Microsoft Internet Explorer due to improper handling of objects in the memory. A remote attacker could exploit this vulnerability by hosting a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to visit the website. The vulnerability can also be exploited via compromised websites and websites which accept or host user-provided content or advertisements. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code in the context of the current user.

3. MSHTML Engine Remote Code Execution Vulnerability ( CVE-2020-1064 )

This vulnerability exists in Microsoft Internet Explorer due to improper handling of objects in the memory by the MSHTML engine. A remote attacker could exploit this vulnerability by tricking a user into editing a specially crafted file which is designed to exploit the vulnerability. Successful exploitation of this vulnerability could allow the attacker to execute arbitrary code in the context of the current user.

Solution Apply appropriate patches as mentioned in Microsoft Security Bulletin https://portal.msrc.microsoft.com/en-us/security-guidance Vendor Information Microsoft https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1035 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1058 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1060 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1062 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1064 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1092 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1093

References Microsoft https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1035 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1058 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1060 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1062 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1064 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1092 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE- 2020 - -1093

CVE Name CVE-2020-1035 CVE-2020-1058 CVE-2020-1060 CVE-2020-1093 CVE-2020-1062 CVE-2020-1092 CVE-2020-1064

- --

Thanks and Regards,

CERT-In

" Be clean! Be healthy! "

Note: Please do not reply to this e-.

For further queries contact CERT-In Information Desk. Email: [email protected] Phone : 1800-11-4949 FAX : 1800-11-6969 Web : http://www.cert-in.org.in PGP Finger Print:D1F0 6048 20A9 56B9 5DAA 02A8 0798 04C3 2D85 A787 PGP Key information: http://www.cert-in.org.in/contact.htm

Postal address: Indian Computer Emergency Response Team (CERT-In) Ministry of Electronics and Information Technology Government of India Electronics Niketan 6, C.G.O. Complex New Delhi-110 003

-----BEGIN PGP SIGNATURE----- Version: Encryption Desktop 10.4.1 (Build 620) Charset: utf-8 wsFVAwUBXr/NEledDBjMog8yAQo1WA//dWSK2CHAv6nPClWnrLvTiBNQNjteSq7o GrM2j3stQJSxH9ktoU997pmNli23WRrYk7l+zpBZpvrY7XAqb1OHbKrndnFCViqu sBOfbfv4C/83wnkMFU4QmLAeQ7BanYAvEC3n7t0h/5kbLjakxbVnGLNktmLenVZ1 /UUbuxLx39FCM9lJoBihvyfS7EMSWjIdiF8D+FkaEhwYRmoz1O7swiT3IVlNrGNb 1+4vy0ClUaEpgHT4gZPHvP5H7sbjBTuvHLBATFbJMo2ODLLJbJPUFcTEJavzXFud 6G/oOZn1mxXfGtxCC/bJhyfszX+1j0LOTiaRWjhmex3XQVimCFYDrcDE3Tyn8EBs hvstYOajtoGYOKZDKWkaWEv4o3zBfqdbN0hT6wfCuFz0yLd0ffQgq4usW73GSIsI SkKClzsgqP2c6bE1Ugx58vaRrGUFzhMH7GLrieywAvn1D9S6MFS7gLnhxByuHkZK /CP6zw37ZmZi1pxgi1sxTpXiXKcg92kkSwhYTH5fSKrYeRl2PyDdVGC2/zDGcKo5 kC00/KTCRYvIjLUqzHiUv0ez/OAj9xzKzdj0ZfQcOGDhIWHGl5IBX3AxvJk4ZfH3 NVWVJ6NA6G2pAyzEzRcnlK/3Y67bqR/SI97AU65HcxK4ins8kqKxtlKsuVqDAVkB kgXTfoR661A= =m+E2 -----END PGP SIGNATURE-----