Cumulative Security Update for Internet Explorer
15 March 2017
Remote code execution, information disclosure, spoofing, escalation of privilege
Internet Explorer 9
A cumulative security update for Internet Explorer addresses multiple vulnerabilities that could be exploited into allowing remote code execution, information disclosure, spoofing, and escalation of privilege.
Microsoft has issued a cumulative security update to address multiple vulnerabilities that were discovered in the Internet Explorer web browser. Of the total twelve vulnerabilities, five could lead to remote code execution, four could lead to information disclosure, two could lead to spoofing, and one could lead to escalation of privilege.
These vulnerabilities were caused by varying factors which include improper access or improper handling of objects in memory, rendering errors in JScript and VBScript engines, improper parsing of HTTP responses, and improper enforcement of cross-domain policies. All discovered issues have been resolved in the latest update through corrective modifications and fixes.
CVE-2017-0008, CVE-2017-0009, CVE-2017-0012, CVE-2017-0018, CVE-2017-0033, CVE-2017-0037, CVE-2017-0040, CVE-2017-0049, CVE-2017-0059, CVE-2017-0130, CVE-2017-0149, CVE-2017-0154
Install the latest security patch, available for download from https://technet.microsoft.com/en-us/library/security/ms17-006