23 September 19, 20:09
Quote:Microsoft released two out of band security updates today for remote code execution (RCE) and denial of service (DoS) security vulnerabilities impacting Internet Explorer and Windows Defender, respectively.
The first one is a zero-day RCE vulnerability tracked as CVE-2019-1367 and disclosed by Clément Lecigne of Google’s Threat Analysis Group.
The CVE-2019-1367 scripting engine memory corruption vulnerability is known to have been exploited in the wild and it "exists in the way that the scripting engine handles objects in memory in Internet Explorer."
Quote:Out of band security vulnerability fixes CVE-2019-1367 and CVE-2019-1255 have been released today. For more information please see https://t.co/QMUM53m8so and https://t.co/vy3d0wXWng .
— Security Response (@msftsecresponse) September 23, 2019
Read more here: https://www.bleepingcomputer.com/news/se...erability/