Security News > 2019 > September > Microsoft Releases Emergency Patches for IE 0-Day and Windows Defender Flaw
2019-09-24 08:03
It's not a Patch Tuesday, but Microsoft is rolling out emergency out-of-band security patches for two new vulnerabilities, one of which is a critical Internet Explorer zero-day that cyber criminals are actively exploiting in the wild. Discovered by Clément Lecigne of Google's Threat Analysis Group and tracked as CVE-2019-1367, the IE zero-day is a remote code execution vulnerability in the
News URL
http://feedproxy.google.com/~r/TheHackersNews/~3/4DV5qUZqktA/windows-update-zero-day.html
Related news
- Week in review: Microsoft patches exploited Windows CLFS 0-day, WinRAR MotW bypass flaw fixed (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft fixes auth issues on Windows Server, Windows 11 24H2 (source)
- Microsoft Patches 125 Flaws Including Actively Exploited Windows CLFS Vulnerability (source)
- Microsoft: April 2025 updates break Windows Hello on some PCs (source)
- Microsoft: Windows CLFS Vulnerability Could Lead to ‘Widespread Deployment and Detonation of Ransomware’ (source)
- Microsoft: Windows 'inetpub' folder created by security fix, don’t delete (source)
- Microsoft starts final Windows Recall testing before rollout (source)
- Microsoft: Windows Server 2025 restarts break connectivity on some DCs (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-09-23 | CVE-2019-1367 | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9 A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. | 7.5 |