Rapid7’s 2026 Global Cybersecurity Summit is now available on-demand.Watch sessions.
Rapid7

vulnerability

Microsoft Windows: CVE-2018-0889: Scripting Engine Memory Corruption Vulnerability

Try Surface Command
Back to search
Severity
8
CVSS
(AV:N/AC:H/Au:N/C:C/I:C/A:C)
Published
Mar 13, 2018
Added
Mar 13, 2018
Modified
Sep 10, 2025

Description

Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935.

Solutions

microsoft-windows-windows_10-1507-kb4088786microsoft-windows-windows_10-1511-kb4088779microsoft-windows-windows_10-1607-kb4088787microsoft-windows-windows_10-1703-kb4088782microsoft-windows-windows_10-1709-kb4088776microsoft-windows-windows_server_2016-1607-kb4088787msft-kb4089187-13297a5b-e08e-452b-ad5e-0dd1554336e5msft-kb4089187-33d88d8b-59f7-4b0a-a17c-cb19048fe543msft-kb4089187-59bedce4-62a3-4efb-abe1-6da5b2b66231msft-kb4089187-5f5d114c-aff6-48ed-b895-b84bbf4232a0msft-kb4089187-5fe1b7c5-8bd5-41d1-82df-3d678a3beceemsft-kb4089187-689f6db0-db61-4489-8b23-26cd86faf5f5msft-kb4089187-819dd834-ee9f-41a2-91c2-cacdb300b795msft-kb4089187-8f61da4b-31a0-4145-b0f5-6802ce44f96amsft-kb4089187-a94c4afc-e4c6-4ed2-ba67-52dc1a5ea64dmsft-kb4089187-d26eb37f-c1b7-433d-91ee-afe62721a33dmsft-kb4089187-f131e5c8-396c-4fe8-b896-fbdf4d36735bmsft-kb4089187-fd82da1e-c832-4539-be1f-7ee3c383f244msft-kb4096040-2eec940e-d50c-45d1-aed4-cfe6d3d831eamsft-kb4096040-3af42ab1-13ed-42b5-9e4e-a841a71e7f2cmsft-kb4096040-4101df83-df0e-4c76-80e3-83aea3c9e7dbmsft-kb4096040-b4ed46c5-dbf5-4dc0-924d-0684e1846c53msft-kb4096040-be3cdb55-862c-4362-b015-894e381e07f9

References

Title
Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report