Security News > 2019 > September > Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw
2019-09-24 08:03
It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google's Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote code execution vulnerability in the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/4DV5qUZqktA/windows-update-zero-day.html
Related news
- Windows 10 KB5051974 update force installs new Microsoft Outlook app (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Microsoft fixes bug causing Windows Server 2025 boot errors (source)
- Week in review: Microsoft fixes two actively exploited 0-days, PAN-OS auth bypass hole plugged (source)
- Microsoft to remove the Location History feature in Windows (source)
- Microsoft testing fix for Windows 11 bug breaking SSH connections (source)
- Microsoft launches ad-supported Office apps for Windows users (source)
- Microsoft tests ad-supported Office apps for Windows users (source)
- Microsoft fixes Outlook drag-and-drop broken by Windows updates (source)
- Microsoft lifts Windows 11 update block for some AutoCAD users (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-23 | CVE-2019-1367 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. | 7.5 |