November’s Patch Tuesday from Microsoft included a patch for yet another Internet Explorer 0-day, not too long after the out-of-band patch we talked about in September. Once more this is a memory corruption vulnerability in the Scripting Engine, which can lead to a Remote Code Execution (RCE) vulnerability. According to Microsoft, this vulnerability is known to be exploited in-the-wild.
Also similar to the last 0-day, we are able to confirm that Trustwave Secure Web Gateway (SWG) customers have been protected against attacks exploiting this CVE since Security Update 222 (released Jan 2019). Customers of Secure Email Gateway (SEG) using the Blended Threat Module (BTM) feature are similarly protected against malicious URLs exploiting this vulnerability sent via email.