Rapid7 Vulnerability & Exploit Database

Microsoft Windows: CVE-2019-1220: Microsoft Browser Security Feature Bypass Vulnerability

Free InsightVM Trial No Credit Card Necessary
2024 Attack Intel Report Latest research by Rapid7 Labs
Back to Search

Microsoft Windows: CVE-2019-1220: Microsoft Browser Security Feature Bypass Vulnerability

Severity
4
CVSS
(AV:N/AC:M/Au:N/C:P/I:N/A:N)
Published
09/10/2019
Created
09/11/2019
Added
09/10/2019
Modified
09/06/2024

Description

A security feature bypass vulnerability exists when Microsoft Browsers fail to validate the correct Security Zone of requests for specific URLs, aka 'Microsoft Browser Security Feature Bypass Vulnerability'.

Solution(s)

  • microsoft-windows-windows_10-1507-kb4516070
  • microsoft-windows-windows_10-1607-kb4516044
  • microsoft-windows-windows_10-1703-kb4516068
  • microsoft-windows-windows_10-1709-kb4516066
  • microsoft-windows-windows_10-1803-kb4516058
  • microsoft-windows-windows_10-1809-kb4512578
  • microsoft-windows-windows_10-1903-kb4515384
  • microsoft-windows-windows_server_2012-kb4516046
  • microsoft-windows-windows_server_2012_r2-kb4516046
  • microsoft-windows-windows_server_2016-1607-kb4516044
  • microsoft-windows-windows_server_2019-1809-kb4512578
  • msft-kb4515384-1fec8c01-d96f-4692-9c3f-533f1966ba0f
  • msft-kb4516046-1e1fb8f3-3565-4d77-8fe5-a7ab7af4813a
  • msft-kb4516046-29808fc9-f647-4961-9b65-3db865ae4e07
  • msft-kb4516046-4453836e-54dd-4772-8132-aed8448f91ce
  • msft-kb4516046-58fc20f2-ea73-4a1b-9555-17919b32bef2
  • msft-kb4516046-690a5d04-9402-43a8-b93d-e8c3d28a43c4
  • msft-kb4516046-7bb166c4-92bb-4b7c-9ef7-e1fb4b32b67f
  • msft-kb4516046-96404e53-0269-4726-ba01-e4f3a0da4254
  • msft-kb4516046-98958d14-8122-4975-bb9d-77d5d6ea4bce
  • msft-kb4516046-a59837b5-2bc8-460b-8a2c-b4c89590d6da
  • msft-kb4516046-b14d796f-957e-4e92-89db-5ec7c27bf59f
  • msft-kb4516046-d5d33932-8dc6-437d-b225-2ef645012c5b
  • msft-kb4516046-e2049fb0-cc1d-4e1d-83ae-09f29df65875
  • msft-kb4516046-ffd87fd4-9d53-4285-af4e-dbe53cb18459

References

View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
  • Lightweight Endpoint Agent
  • Live Dashboards
  • Real Risk Prioritization
  • IT-Integrated Remediation Projects
  • Cloud, Virtual, and Container Assessment
  • Integrated Threat Feeds
  • Easy-to-Use RESTful API
  • Automation-Assisted Patching
  • Automated Containment
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;