Announced 08 October 2019
A security issue affects IGEL Windows products in the following versions:
- Universal Desktop W7+
- IGEL Windows 10 IoT
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.
- Universal Desktop W7+: Update to version 3.14.100 or newer.
- IGEL Windows 10 IoT: Upgrade to IGEL Windows 10 IoT 4.04.120 or newer.
Microsoft Security Response Center - CVE-2019-1367 | Scripting Engine Memory Corruption