Announced 08 October 2019

Score: High

A security issue affects IGEL Windows products in the following versions:

  • Universal Desktop W7+
  • IGEL Windows 10 IoT


A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user.

Update Instructions

  • Universal Desktop W7+: Update to version 3.14.100 or newer.
  • IGEL Windows 10 IoT: Upgrade to IGEL Windows 10 IoT 4.04.120 or newer.


Microsoft Security Response Center - CVE-2019-1367 | Scripting Engine Memory Corruption