Microsoft’s Patch Tuesday update addresses a critical flaw in the Windows VBScript engine that attackers are using to compromise Windows machines through Internet Explorer.
The patch follows an alarm by researchers at Qihoo 360 Core Security in April that well-resourced hackers were using a then suspected IE zero-day flaw to infect Windows PCs on a “global scale”.
Source: Windows critical flaw: This security bug is under attack right now, says Microsoft | ZDNet
