HP's Zero Day Initiative has published details about a zero-day vulnerability affecting Microsoft Internet Explorer 8 which the Redmond giant apparently has no intention to fix.
"Silverlight exploits are the drive-by flavor of the month," claim Cisco researchers.
When Microsoft issued an out-of-band security update to patch the zero day Internet Explorer vulnerability on May 1, it was revealed by researchers from security company FireEye that the bug was being actively exploited by attackers targeting US-based defense and financial firms.
There is a lot going on in the updates from Microsoft this month, including some very interesting and long time coming changes.
Tuesday, May 13 marks the next Microsoft security patch release.