CVE-2019-1427

Name of the Vulnerable Software and Affected Versions Microsoft Edge (affected versions not specified) Internet Explorer (affected versions not specified)

Description The issue is related to errors in handling objects in memory by the ChakraCore JavaScript engine handler in Microsoft Edge and Internet Explorer browsers. This could allow a remote attacker to execute arbitrary code using a specially crafted web page. The vulnerability can corrupt memory, enabling an attacker to gain the same user rights as the current user. If the current user has administrative rights, the attacker could take control of the affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Edge, update to a version that includes the fix for this issue. For Internet Explorer, consider disabling JavaScript execution in the browser until a patch is available. As a temporary workaround, restrict access to potentially vulnerable web pages to minimize the risk of exploitation.