Microsoft has patched a zero-day vulnerability in Internet Explorer that at least two threat actor groups have used for some time to serve malicious advertisements to between 1 million and 5 million users daily.
Microsoft was first notified about the so-called information disclosure bug in September 2015, security vendor Proofpoint said in an alert this week. But a patch for it became available only after Trend Micro and Proofpoint reported the bug again to Microsoft more recently when researching a massive malvertising campaign being operated by a group called AdGholas, the alert noted.
Leave a reply
