Windows 10: Internet Explorer exploit makes Windows vulnerable - April 2019

In short, zero day exploit of Internet Explorer makes Windows vulnerable. MS won't issue a separate security update, so uninstall Internet Explorer, or change default app t open .mht and .mhtlm files.

Betanews | Internet Explorer flaw leaves Windows users vulnerable to hackers

:)

 

Microsoft Internet Explorer renamed to Windows Internet Explorer ?




Since version 7 of the world`s most popular web browser - Microsoft Internet Explorer was silently renamed to Windows Internet Explorer.Such a step from Microsoft is not a surprise since Internet Explorer is part of the Windows operation system for a long time.Obviously Microsoft corp. wants to state that Internet Explorer is already considered as a part of Windows and not as an external browser (remember the IE and WMP law issues last year!?).

 

Microsoft April 2019 Security Updates

Release Notes

April 2019 Security Updates

Release Date: April 09, 2019

The April security release consists of security updates for the following software:

Adobe Flash Player

Internet Explorer

Microsoft Edge

Microsoft Windows

Microsoft Office and Microsoft Office Services and Web Apps

ChakraCore

ASP.NET

Microsoft Exchange Server

Team Foundation Server

Azure DevOps Server

Open Enclave SDK

Windows Admin Center

Please note the following information regarding the security updates:

A list of the latest servicing stack updates for each operating system can be found in ADV990001. This list will be updated whenever a new servicing stack update is released. It is important to install the latest servicing stack update.

Windows 10 updates are cumulative. The monthly security release includes all security fixes for vulnerabilities that affect Windows 10, in addition to non-security updates. The updates are available via the Microsoft Update Catalog.

Updates for Windows RT 8.1 and Microsoft Office RT software are only available via Windows Update.

For information on lifecycle and support dates for Windows 10 operating systems, please see Windows Lifecycle Facts Sheet.

In addition to security changes for the vulnerabilities, updates include defense-in-depth updates to help improve security-related features.

The following CVEs have FAQs with additional information and may include * further steps to take after installing the updates. Please note that this is not a complete list of CVEs for this release.

ADV190011

ADV990001

CVE-2019-0688

CVE-2019-0801

CVE-2019-0802

CVE-2019-0814

CVE-2019-0822

CVE-2019-0823

CVE-2019-0824

CVE-2019-0825

CVE-2019-0826

CVE-2019-0827

CVE-2019-0828

CVE-2019-0830

CVE-2019-0831

CVE-2019-0833

CVE-2019-0835

CVE-2019-0837

CVE-2019-0838

CVE-2019-0839

CVE-2019-0840

CVE-2019-0844

CVE-2019-0845

CVE-2019-0846

CVE-2019-0847

CVE-2019-0848

CVE-2019-0849

CVE-2019-0851

CVE-2019-0876

CVE-2019-0879

Known Issues

KB Article Applies To

4487563 Microsoft Exchange Server 2019, 2016, and 2013

4491413 Update Rollup 27 for Exchange Server 2010 Service Pack 3

4493441 Windows 10 version 1709, Windows Server Version 1709

4493446 Windows 8.1, Windows Server 2012 R2 (Monthly Rollup)

4493448 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Security-only update)

4493450 Windows Server 2012 (Security-only Rollup)

4493451 Windows Server 2012 (Monthly Rollup)

4493458 Windows Server 2008 Service Pack 2 (Security-only update)

4493464 Windows 10 version 1803, Windows Server Version 1803

4493467 Windows 8.1, Windows Server 2012 R2 (Security-only update)

4493470 Windows 10 version 1607, Windows Server 2016

4493471 Windows Server 2008 Service Pack 2 (Monthly Rollup)

4493472 Windows 7 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Monthly Rollup)

4493474 Windows 10 version 1703

4493509 Windows 10 version 1809, Windows Server 2019

4493730 Windows Server 2008 SP2

4493435 Internet Explorer Cumulative Update

{{windowTitle}}

 

How Windows was exploited in 2014

Read more:

• How Windows was exploited in 2014 | ZDNet
• Windows exploitation in 2014