security update

  1. Z

    Dos RCE, Internet Explorer 9\10\11 (VBScript Engine), CVE-2019-0667

    VBScript: Memory corruption in VbsErase Related CVE Numbers: CVE-2019-0667. There is an issue in VBScript in the VbsErase function. In some cases (see the attached PoC), VbsErase fails to clear the argument variable properly, which can trivially lead to crafting a variable with the array...
  2. H

    Local Windows NDProxy Privilege Escalation (MS14-002)

    The Windows NDProxy Privilege Escalation is a security vulnerability that was identified and fixed by Microsoft in their MS14-002 security update. The vulnerability allowed attackers with low privileges to elevate their privileges to gain access to sensitive information and carry out malicious...