Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw


windows update software

It’s not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild.

Discovered by Clément Lecigne of Google’s Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote code execution vulnerability in the way Microsoft’s scripting engine handles objects in memory in Internet Explorer.

Read more…