Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2019-0654: Microsoft Browser Spoofing Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2019-0654: Microsoft Browser Spoofing Vulnerability

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Published
02/12/2019
Created
03/19/2019
Added
02/12/2019
Modified
09/06/2024

Description

A spoofing vulnerability exists when Microsoft browsers improperly handles specific redirects, aka 'Microsoft Browser Spoofing Vulnerability'.

Solution(s)

  • microsoft-windows-windows_10-1507-kb4487018
  • microsoft-windows-windows_10-1607-kb4487026
  • microsoft-windows-windows_10-1703-kb4487020
  • microsoft-windows-windows_10-1709-kb4486996
  • microsoft-windows-windows_10-1803-kb4487017
  • microsoft-windows-windows_10-1809-kb4487044
  • microsoft-windows-windows_server_2012-kb4486474
  • microsoft-windows-windows_server_2012_r2-kb4486474
  • microsoft-windows-windows_server_2016-1607-kb4487026
  • microsoft-windows-windows_server_2019-1809-kb4487044
  • msft-kb4486474-1e9dd7cf-178e-427f-8c44-31a24bc07093
  • msft-kb4486474-1ff2c262-7d61-4ad5-9001-50f45e763e08
  • msft-kb4486474-2aee5a32-2209-4ccb-991c-5271d490ca62
  • msft-kb4486474-3b900388-c4a4-468a-b6a4-9a51e5905d12
  • msft-kb4486474-3cd307fc-d97a-4f4d-940d-f4bdccf2f2e3
  • msft-kb4486474-3fd4705e-c257-4b29-a75c-386cb985e058
  • msft-kb4486474-5595b617-5f52-417d-a58d-1da0b4b37f8e
  • msft-kb4486474-8600f829-b14a-4701-9c86-905b72f21b7b
  • msft-kb4486474-8827a683-48c0-4332-b267-9f9087b6afc9
  • msft-kb4486474-b6f48e36-d13b-49a0-8048-f8cca312abc2
  • msft-kb4486474-e5949139-7a29-4df0-a6e1-14d020e43e88
  • msft-kb4486474-ee91e87b-6523-44c8-b426-b1a73c1d8351

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;