Security News > 2017 > May > Microsoft Issues Patches for Another Four Zero-Day Vulnerabilities (The Hackers News)
2017-05-10 03:37
As part of this month's Patch Tuesday, Microsoft has released security patches for a total of 55 vulnerabilities across its products, including fixes for four zero-day vulnerabilities being exploited in the wild. Just yesterday, Microsoft released an emergency out-of-band update separately to patch a remote execution bug (CVE-2017-0290) in Microsoft's Antivirus Engine that comes enabled by
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/j5869GHy9GE/patch-windows-zero-days.html
Related news
- Patch Tuesday: Microsoft Fixes 134 Vulnerabilities, Including 1 Zero-Day (source)
- Hackers exploit VMware ESXi, Microsoft SharePoint zero-days at Pwn2Own (source)
- Microsoft Credits EncryptHub, Hacker Behind 618+ Breaches, for Disclosing Windows Flaws (source)
- Microsoft April 2025 Patch Tuesday fixes exploited zero-day, 134 flaws (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Hackers exploit old FortiGate vulnerabilities, use symlink trick to retain limited access to patched devices (source)
- Microsoft vulnerabilities: What’s improved, what’s at risk (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- Microsoft now pays up to $30,000 for some AI vulnerabilities (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-09 | CVE-2017-0290 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 does not properly scan a specially crafted file leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." | 7.8 |