Service Notices
Internet Explorer Remote Code Execution Vulnerability (CVE-2020-0674)
Mar 10, 2020 GMT+08:00
I. Overview
An Internet Explorer remote code execution vulnerability (CVE-2020-0674) has been disclosed and fixed in the patch released in February by Microsoft. The vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could implement remote code execution.
If you are a Windows OS user, check your system and implement timely security hardening.
Reference link:
https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/ADV200001
II. Severity
Severity: important
(Severity: low, moderate, important, and critical)
III. Affected Products
Affected versions:
Product | Windows Version |
Internet Explorer 9 | Windows Server 2008 x64/x32 sp2 |
Internet Explorer 10 | Windows Server 2012 |
Internet Explorer 11 | Windows 7 x64/x32 sp1 |
Internet Explorer 11 | Windows 8.1 x64/x32 |
Internet Explorer 11 | Windows RT 8.1 |
Internet Explorer 11 | Windows 10 x64/x32 |
Internet Explorer 11 | Windows 10 Version 1607 x64/x32 |
Internet Explorer 11 | Windows 10 Version 1709 x64/x32/arm64 |
Internet Explorer 11 | Windows 10 Version 1803 x64/x32/arm64 |
Internet Explorer 11 | Windows 10 Version 1809 x64/x32/arm64 |
Internet Explorer 11 | Windows 10 Version 1903 x64/x32/arm64 |
Internet Explorer 11 | Windows 10 Version 1909 x64/x32/arm64 |
Internet Explorer 11 | Windows Server 2008 R2 x64 sp1 |
Internet Explorer 11 | Windows Server 2012 |
Internet Explorer 11 | Windows Server 2012 R2 |
Internet Explorer 11 | Windows Server 2016 |
Internet Explorer 11 | Windows Server 2019 |
IV. Vulnerability Handling
This vulnerability has been fixed in the official patch released in February. Upgrade your system using the patch.
Workaround:
Disable JScript.dll. However, it may affect pages that depend on JavaScript. Exercise caution when performing this operation.
Note: Before fixing vulnerabilities, back up your files and conduct a thorough test.