IE browser remote code execution high risk vulnerability (cve-2019-1367)

Time:2021-8-13

Problems encountered in IE browser remote code execution high risk vulnerability (cve-2019-1367) reinforcement

1、 Background introduction

Internet Explorer is a web browser launched by Microsoft. The number of users is huge. On September 23, Microsoft urgently released a security update to fix a Remote Code Execution Vulnerability affecting IE browser. The Google threat analysis team found this vulnerability, which is said to have been exploited by the opposition.

2、 Vulnerability description

The vulnerability is caused by memory corruption in the way memory objects are handled in the Internet Explorer scripting engine. To exploit this vulnerability, an attacker must guide the user to open a malicious website that already hosts the vulnerability. Exploitation of this vulnerability can cause an attacker to gain the user’s current privileges and execute arbitrary code. If the current user has administrative privileges, an attacker can perform various operations on the system, from creating a new account with full privileges to installing programs and even modifying data.

3、 Impact version

Windows 10、Ie11 version of windows 8.1, Windows 7, Windows Server 2012 / R2, Windows Server 2008, Windows Server 2016, Windows Server 2019, ie10 version of Windows Server 2012 and IE9 version of Windows Server 2008.

For the specific affected versions and corresponding patches, please refer to Microsoft’s official websitehttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

4、 Repair suggestions

1. Install patch

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

2. Mitigation measures

For 32-bit systems, enter the following command at the administrator command prompt
takeown /f %windir%\system32\jscript.dll
cacls%windir%\system32\jscript.dll /E /P everyone:N
For 64 bit systems, enter the following command at the administrator command prompt:
takeown /f%windir%\syswow64\jscript.dll
cacls%windir%\syswow64\jscript.dll /E /P everyone:N

5、 Fix – install patch

1. Determine IE browser version

In “tools” – “about Internet explore (a)” of IE browser, the corresponding window pops up, as shown in the figure below. The version marked in red circle is the IE browser version.

  

2. View operating system version number

Open the operation bar with the “win” + “R” key, enter “CMD” and enter “winver” in the pop-up window to pop up the operating system version information window, as shown in the figure below. The operating system version is marked in the red circle.

  

3. Select the corresponding patch file on the patch download page

Select the corresponding patch file according to the operating system version number and IE browser version number, and click “security update” on the right. 

 

4. After downloading the patch, install the patch, and restart the system after installation

5. Check the browser patch version (updated version) to ensure that the patch is installed successfully

6、 Problems during patch installation

1. Win7 64 SP1 installation patch prompt “installation program error”, error code 0x80240037

  

terms of settlement:

reference resources https://www.cnblogs.com/UUUz/articles/9305652.html

2. Modify the suffix of the downloaded patch, unzip it, and run the following command

dism  /online /add-package /packagepath:”C:\Users\Administrator\Desktop\cab\IE11-Windows6.1-KB4522007-x64.cab”   

3. When installing Windows Server 2008 R2 SP1, you will be prompted that “the certificate chain to the trusted root authority cannot be established”, and the error code is 0x800b010a

  

 

4. Add a certificate according to the information on the Internet, but I don’t know what certificate to add. Who knows? I hope you can give me some advice~~ 

 

 

 

—————————————————————————————–

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367