Patch/Configuration Management, Vulnerability Management

On Patch Tuesday, Microsoft warns of zero-day attacks in IE

Separate of the patches it released, Microsoft on Tuesday warned of attacks underway that are targeting a zero-day vulnerability residing in XML Core Services, according to an advisory. The exploits are being launched against Internet Explorer users by tricking them, usually through a legitimate-looking email or instant messenger conversation, to visit a malicious website. Microsoft does not have a patch for the vulnerability, but as part of the advisory, it issued what Microsoft officials call "an effective workaround that stops would-be attackers from taking advantage of the issue via Internet Explorer."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.