A new Internet Explorer vulnerability (CVE-2020-0674) is being used in targeted attacks and Microsoft does not have a patch available right now.
Microsoft fixed a vulnerability in a cryptography component used by Windows 10 and Windows Server. If exploited, attackers would be able to pass off malicious software as legitimate, thus undermining digital trust.
Microsoft took over 50 domains used by threat actors known as Thallium, which the company says are operating from North Korea.
Microsoft patched CVE-2019-1458 in Windows, a privilege escalation bug that is being used in active attacks.
BlueKeep exploits have been seen installing a cryptominer, but Microsoft is warning customers that more damaging attacks could be coming.