Oval Definition:oval:org.cisecurity:def:1378
Revision Date:2016-12-09Version:20
Title:Scripting Engine Remote Code Execution Vulnerability - CVE-2016-7189 (MS16-119)
Description:The Chakra JavaScript engine in Microsoft Edge allows remote attackers to execute arbitrary code via a crafted web site, aka "Scripting Engine Remote Code Execution Vulnerability."
Family:windowsClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2016-7189
Platform(s):Microsoft Windows 10
Product(s):Microsoft Edge
Definition Synopsis
  • Microsoft Edge is installed
  • AND Windows OS is installed + file version
  • Microsoft Windows 10 is installed + file version
  • Microsoft Windows 10 is installed
  • Microsoft Windows 10 (32-bit) is installed
  • OR Microsoft Windows 10 (64-bit) is installed
  • AND Check if chakra.dll version is less than 11.0.10240.17146
  • OR Microsoft Windows 10 Version 1511 is installed + file version
  • Microsoft Windows 10 Version 1511 is installed
  • Microsoft Windows 10 Version 1511 (32-bit) is installed
  • OR Microsoft Windows 10 Version 1511 (64-bit) is installed
  • AND Check if chakra.dll version is less than 11.0.10586.633
  • OR Microsoft Windows 10 Version 1607 is installed + file version
  • Microsoft Windows 10 Version 1607 is installed
  • Microsoft Windows 10 Version 1607 (32-bit) is installed
  • OR Microsoft Windows 10 Version 1607 (64-bit) is installed
  • AND Check if chakra.dll version is less than 11.0.14393.321
    • BACK