12 April 2017

Microsoft patched another zero-day – this time in Internet Explorer

Microsoft patched another zero-day – this time in Internet Explorer

During the April’s patch Tuesday Microsoft patched two zero-day vulnerabilities: previously disclosed vulnerability in Microsoft Word (CVE-2017-0199, SB2017040901) and another zero-day in Internet Explorer.

According to vendor’s description, the vulnerability in Internet Explorer CVE-2017-0210 (SB2017041202) allows an attacker to access contents from another domain. This is a very dangerous vulnerability as it may allow an attacker to steal potentially sensitive information and probably even interact with another website.

This month Microsoft patched 51 vulnerabilities in total, 7 vulnerabilities in Adobe Flash Player and 44 Microsoft products.

The total number of all patched vulnerabilities in Microsoft products is displayed on the graph above. In 2017 there were 220 vulnerabilities vs 690 vulnerabilities patched in 2016.

As for the zero-days stats, this Tuesday Microsoft patched second zero-day in IE in 2017. The total number of zero-day vulnerabilities in different versions of Internet Explorer has reached 38 vulnerabilities since 2006.


Back to the list

Latest Posts

Remote code execution in NetBSD – nasty and potentially wormable bug

Remote code execution in NetBSD – nasty and potentially wormable bug

NetBSD users are advised to install patched ASAP.
12 February 2018
Zero-day vulnerability in Adobe Flash Player

Zero-day vulnerability in Adobe Flash Player

Second zero-day this year. No remedy available.
1 February 2018
Jackpotting: Weird Attack On ATM

Jackpotting: Weird Attack On ATM

Jackpotting requires not only technical skills and great coordination but also acting skills, audacity and composure.
30 January 2018