Security News > 2019 > September > Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw
2019-09-24 08:03
It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google's Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote code execution vulnerability in the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/4DV5qUZqktA/windows-update-zero-day.html
Related news
- Microsoft to start force-upgrading Windows 22H2 systems next month (source)
- Microsoft fixes Windows Smart App Control zero-day exploited since 2018 (source)
- Microsoft fixes Windows Server performance issues from August updates (source)
- Microsoft says it broke some Windows 10 patching – as it fixes flaws under attack (source)
- Microsoft Issues Patches for 79 Flaws, Including 3 Actively Exploited Windows Flaws (source)
- Week in review: Veeam Backup & Replication RCE could soon be exploited, Microsoft fixes 4 0-days (source)
- Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) (source)
- Microsoft rolls out Office LTSC 2024 for Windows and Mac (source)
- Microsoft confirms IE bug squashed in Patch Tuesday was exploited zero-day (source)
- Microsoft may have revealed Windows 11 24H2 is coming this month (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-23 | CVE-2019-1367 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. | 7.6 |