J
JeremyHagan
I have a Windows 10 machine build 10.0.18363.1316. It is licensed for Windows Defender ATP which is saying it has several vulnerabilities for IE11 due to it being out of date (EG: CVE-2020-0847). I have checked and it is true, the EXE for IE is ver 11.00.18362.1 (Microsoft Defender Security reports 11.1198.18362.0). However I have the latest CU for Windows 10 installed (KB4598229). How is this possible that it has not been updated? The CVE is from March last year.
According to this article the way to tell the update version of IE11 in Windows 10 is via the registry. On the vulnerable machine this is listed as KB4586768, which isn't an update for Windows 10, but a cumulative update for IE11 from November last year, however even this can't be accurate because the sample CVE I listed above was supposed to be patch March 2020.
None of this makes sense. Any ideas on why IE is not properly patched?
Continue reading...
According to this article the way to tell the update version of IE11 in Windows 10 is via the registry. On the vulnerable machine this is listed as KB4586768, which isn't an update for Windows 10, but a cumulative update for IE11 from November last year, however even this can't be accurate because the sample CVE I listed above was supposed to be patch March 2020.
None of this makes sense. Any ideas on why IE is not properly patched?
Continue reading...
