12 April 2017

Microsoft patched another zero-day – this time in Internet Explorer

Microsoft patched another zero-day – this time in Internet Explorer

During the April’s patch Tuesday Microsoft patched two zero-day vulnerabilities: previously disclosed vulnerability in Microsoft Word (CVE-2017-0199, SB2017040901) and another zero-day in Internet Explorer.

According to vendor’s description, the vulnerability in Internet Explorer CVE-2017-0210 (SB2017041202) allows an attacker to access contents from another domain. This is a very dangerous vulnerability as it may allow an attacker to steal potentially sensitive information and probably even interact with another website.

This month Microsoft patched 51 vulnerabilities in total, 7 vulnerabilities in Adobe Flash Player and 44 Microsoft products.

The total number of all patched vulnerabilities in Microsoft products is displayed on the graph above. In 2017 there were 220 vulnerabilities vs 690 vulnerabilities patched in 2016.

As for the zero-days stats, this Tuesday Microsoft patched second zero-day in IE in 2017. The total number of zero-day vulnerabilities in different versions of Internet Explorer has reached 38 vulnerabilities since 2006.


Back to the list

Latest Posts

Microsoft patches for June 2018

Microsoft patches for June 2018

50 vulnerabilities patched, some of them are potentially wormable.
13 June 2018
VPNFilter, attacks on routers and why external scanning is essential for security

VPNFilter, attacks on routers and why external scanning is essential for security

How to protect your router from VPNFilter and other attacks.
8 June 2018
New zero-day in Adobe Flash Player heavily exploited in the Middle East

New zero-day in Adobe Flash Player heavily exploited in the Middle East

Users in Doha and Qatar suffered from a targeted attack.
7 June 2018