Enterprise users of Windows 10 v1903 and v1909 may have held off patching the CVE-2020-0674 vulnerability in Internet Explorer versions 9-11 due to the problems many have experienced with the temporary patch issued by Microsoft and issues with the buggy KB4532693 cumulative update. Fortunately, 0Patch has released a fix that can be applied as a temporary measure until a permanent solution is released by Microsoft that does not have unwanted side effects.
CVE-2020-0674 is a critical vulnerability affecting Internet Explorer that can lead to remote code execution. Exploits for CVE-2020-0674 have been developed and are being actively used in the wild to attack enterprises. The flaw can be exploited by convincing a user on a vulnerable device to visit a specially crafted webpage, for example via a phishing email or a malvertising redirect. So far, only a limited number of attacks have been conducted, but the vulnerability will still be of concern to many enterprises.
Microsoft issued a temporary fix to correct the vulnerability until the KB4532693 update was released, but it caused problems with programs that used the jscript.dll file and also caused USB printer failures. Unfortunately, while the KB4532693 update was released on February Patch Tuesday, a bug in the update appeared to result in file deletion for many users. While files are not actually deleted, they cannot easily be restored.
Due to the problems, many enterprises have paused updates until bugs in the KB4532693 update have been fixed. Without the temporary fix or the update, devices remain exposed to the actively exploited CVE-2020-0674 vulnerability.
On February 24, the CEO of Acros Security, Mitja Kolsek, tweeted that, due to the high risk of exploitation of CVE-2020-0674 and in light of the Windows 10 v1903/v1909 cumulative update problems, the previously released micropatch for the CVE-2020-0674 vulnerability has been ported to Windows 10 v1903/v1909.
The micropatch had previously only been issued for Windows 7, Windows 10 v1709/v1803/v1809, Windows Server 2008 R2, and Windows Server 2019. Non-commercial users can apply the micropatch free of charge, but commercial users can only apply the micropatch if they pay for a Pro subscription to 0Patch.