Vulnerability Protection

Cumulative Security Update for Internet Explorer


Report ID:


Date Published:

15 March 2017

Date Revised:



Compromise Type:

Remote code execution, information disclosure, spoofing, escalation of privilege

Compromise From:


Affected Product/Component:

Internet Explorer 9
Internet Explorer 10
Internet Explorer 11


A cumulative security update for Internet Explorer addresses multiple vulnerabilities that could be exploited into allowing remote code execution, information disclosure, spoofing, and escalation of privilege. 

Detailed Description

Microsoft has issued a cumulative security update to address multiple vulnerabilities that were discovered in the Internet Explorer web browser. Of the total twelve vulnerabilities, five could lead to remote code execution, four could lead to information disclosure, two could lead to spoofing, and one could lead to escalation of privilege.

These vulnerabilities were caused by varying factors which include improper access or improper handling of objects in memory, rendering errors in JScript and VBScript engines, improper parsing of HTTP responses, and improper enforcement of cross-domain policies. All discovered issues have been resolved in the latest update through corrective modifications and fixes. 

CVE Reference

CVE-2017-0008, CVE-2017-0009, CVE-2017-0012, CVE-2017-0018, CVE-2017-0033, CVE-2017-0037, CVE-2017-0040, CVE-2017-0049, CVE-2017-0059, CVE-2017-0130, CVE-2017-0149, CVE-2017-0154


Install the latest security patch, available for download from


Microsoft Security Bulletin MS17-006