CVE-2020-0711
📋 TL;DR
This is a remote code execution vulnerability in ChakraCore, Microsoft's JavaScript engine used in Edge browser. Attackers can exploit memory corruption to execute arbitrary code on affected systems. Users running vulnerable versions of Microsoft Edge are primarily affected.
💻 Affected Systems
- Microsoft Edge
- ChakraCore
📦 What is this software?
Chakracore by Microsoft
Edge by Microsoft
⚠️ Risk & Real-World Impact
Worst Case
Complete system compromise allowing attackers to install programs, view/change/delete data, or create new accounts with full user rights.
Likely Case
Attackers could execute arbitrary code in the context of the current user, potentially leading to data theft, malware installation, or lateral movement.
If Mitigated
With proper patching and security controls, the risk is significantly reduced to minimal or no impact.
🎯 Exploit Status
Exploitation requires user interaction (visiting malicious website) but no authentication. No public exploit code was available at disclosure.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Microsoft Edge version with February 2020 security updates
Vendor Advisory: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0711
Restart Required: Yes
Instructions:
1. Open Windows Update settings. 2. Check for updates. 3. Install February 2020 security updates for Microsoft Edge. 4. Restart the system to complete installation.
🔧 Temporary Workarounds
Disable JavaScript
windowsDisable JavaScript in Microsoft Edge to prevent exploitation through malicious websites
Use alternative browser
allTemporarily use a different browser until patching is complete
🧯 If You Can't Patch
- Implement application whitelisting to prevent unauthorized code execution
- Restrict user privileges to limit potential damage from exploitation
🔍 How to Verify
Check if Vulnerable:
Check Microsoft Edge version: Open Edge → Settings → About Microsoft Edge. If version is before February 2020 updates, system is vulnerable.Check Version:
In Edge browser, navigate to edge://settings/helpVerify Fix Applied:
Verify Windows Update history shows February 2020 security updates installed for Microsoft Edge.📡 Detection & Monitoring
Log Indicators:
- Unexpected Edge crashes
- Suspicious process creation from Edge
- Unusual network connections from Edge
Network Indicators:
- Connections to known malicious domains from Edge
- Unusual outbound traffic patterns
SIEM Query:
Process Creation where Parent Process contains 'msedge.exe' and Command Line contains suspicious patterns