Intrusion Prevention

MS.Browser.CVE-2017-11869.Memory.Corruption

Description

This indicates an attack attempt to exploit a Memory Corruption vulnerability in Microsoft Browsers.
The vulnerability is due to an error when the vulnerable software attempts to handles a maliciously crafted web page. An attacker can exploit this by tricking a user into visiting a malicious webpage and execute arbitrary code within the context of the application.

Affected Products

Internet Explorer 9 on Windows Server 2008 Services Pack 2
Internet Explorer 10 on Windows Server 2012
Internet Explorer 11 on Windows 7 Services Pack 1
Internet Explorer 11 on Windows 8.1
Internet Explorer 11 on Windows RT 8.1
Internet Explorer 11 on Windows Server 2008 R2 x64-based Services Pack 1
Internet Explorer 11 on Windows Server 2012 R2
Internet Explorer 11 on Windows Server 2016
Microsoft Edge on Windows 10
Microsoft Edge on Windows 10 version 1511
Microsoft Edge on Windows 10 version 1607
Microsoft Edge on Windows 10 version 1703
Microsoft Edge on Windows 10 version 1709
Microsoft Edge on Windows Sever version 1709

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11869

CVE References

CVE-2017-11869