Microsoft has dropped their July 2014 advance security notification and it looks like a relatively light month of patching.
HP's Zero Day Initiative has published details about a zero-day vulnerability affecting Microsoft Internet Explorer 8 which the Redmond giant apparently has no intention to fix.
Tuesday, May 13 marks the next Microsoft security patch release.
Given that Microsoft has closed the Internet Explorer 0-day vulnerability that was exploited to compromise US-based defense and financial firms, the Sourcefire vulnerability research team has decided to share some more details about the exploit.
Microsoft has issued an out of band security update to patch the zero day vulnerability that affects all versions of Internet Explorer and is being actively exploited in the wild in targeted attacks seemingly directed against US-based defense and financial firms.