The Microsoft flaws join a rash of zero days disclosed over the past week by various companies, including Apple, Google and Adobe.
In an Open Source Software Security Roadmap released on Tuesday, the agency said it wants to build up the capabilities to better understand the complex open source ecosystem and create visibility around the security risks in this landscape.
Adobe is warning Acrobat and Acrobat Reader users about an actively exploited vulnerability in those products.
Google said that the flaw was reported by Apple’s Security Engineering and Architecture team and Citizen Lab on Sept. 6.
A new strain of infostealer targeting Macs, known as MetaStealer, is hitting enterprises.