Remediate Now! Internet Explorer Remote Code Execution Vulnerability

Microsoft has announced a security advisory for Internet Explorer 9 through 11 across Microsoft Windows 7 through 10 and Server 2008 through Server 2016 endpoints centered around an actively exploited vulnerability that could potentially allow attackers to exploit and abuse unpatched machines, including the ability to execute code, acting as the current user. No patch exists yet, but multiple remediation codes have been released. Automox users can deploy the code now through Automox Worklets.

Internet Explorer 9 through 11 received one CVE fix, rated critical:

  • CVE-2020-0674 - The Microsoft Internet Explorer Scripting Engine contains a memory corruption vulnerability, which can allow a remote, unauthenticated attacker to execute arbitrary code.
Security Advisory - Microsoft Guidance on Scripting Engine Memory Corruption - for more information please visit:— Security Response (@msftsecresponse) January 17, 2020

This actively exploited security vulnerability was detected by Qihoo 360 ATA and Google’s Threat Analysis group and can lead to remote code execution (RCE) through a mishandled scripting engine in the memory of Internet Explorer. This vulnerability could be triggered through exploited or malicious web pages that are accessed by the unpatched browser.

Your Plan of Attack? Deploy The Remediation Script Now!

While Microsoft is working on an out-of-band patch, they have released scripts to deactivate the offending components of Internet Explorer as reactivation scripts. Automox users can immediately deploy this script through the Automox Worklet™ by following these instructions.

You can automate this worklet deployment though Automox policies until a patch is released. If you need help, click here to learn how to create a patch policy in the Automox console.

About Automox Automated Patch Management

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes the aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-based patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.

Dive deeper into this topic