Two Windows vulnerabilities—one a zero day that has been known to attackers since 2017 and the other a critical flaw that Microsoft initially tried and failed to patch recently—are under active exploitation in widespread attacks targeting a swath of the Internet, researchers say. The zero day went undiscovered until March , when security firm Trend Micro said it had been under active exploitation since 2017, by as many as 11 separate advanced persistent threats APTs. These APT groups, often...
