For the fourth month in a row, Microsoft patches Windows zero-day used in the wild

Today, Microsoft released its monthly security patches –known as the Patch Tuesday updates. This month the Redmond-based company fixed 38 vulnerabilities across a large set of products.

For the fourth month in a row, Microsoft patched a Windows OS zero-day vulnerability that was being exploited in the wild.

Just like in the last two months, and for the third month in a row, this zero-day was being (ab)used in nation-state cyber-espionage operations. Just like last month, there were two cyber-espionage groups abusing this zero-day, and not just one, suggesting some sort of infrastructure sharing, or common leadership.

Read more…
Source: ZDNet