12 April 2017

Microsoft patched another zero-day – this time in Internet Explorer

Microsoft patched another zero-day – this time in Internet Explorer

During the April’s patch Tuesday Microsoft patched two zero-day vulnerabilities: previously disclosed vulnerability in Microsoft Word (CVE-2017-0199, SB2017040901) and another zero-day in Internet Explorer.

According to vendor’s description, the vulnerability in Internet Explorer CVE-2017-0210 (SB2017041202) allows an attacker to access contents from another domain. This is a very dangerous vulnerability as it may allow an attacker to steal potentially sensitive information and probably even interact with another website.

This month Microsoft patched 51 vulnerabilities in total, 7 vulnerabilities in Adobe Flash Player and 44 Microsoft products.

The total number of all patched vulnerabilities in Microsoft products is displayed on the graph above. In 2017 there were 220 vulnerabilities vs 690 vulnerabilities patched in 2016.

As for the zero-days stats, this Tuesday Microsoft patched second zero-day in IE in 2017. The total number of zero-day vulnerabilities in different versions of Internet Explorer has reached 38 vulnerabilities since 2006.


Back to the list

Latest Posts

Week in review: Nicehash security breach and botnet Satori activity

Week in review: Nicehash security breach and botnet Satori activity

The article contains a brief report of cybersecurity incidents for the past week.
11 December 2017
Week in review: major cybersecurity incidents in November 27-December 3

Week in review: major cybersecurity incidents in November 27-December 3

The article contains a brief report of cybersecurity incidents for the past week.
6 December 2017
Week in review: major cybersecurity incidents in November 20-26

Week in review: major cybersecurity incidents in November 20-26

The article contains a brief report of cybersecurity incidents for the past week.
27 November 2017