Microsoft fixes 17 critical and two zero-day flaws, including an actively-exploited RCE flaw in IE that can compromise PCs when users visit malicious sites (Catalin Cimpanu/ZDNet)

Catalin Cimpanu / ZDNet:
Microsoft fixes 17 critical and two zero-day flaws, including an actively-exploited RCE flaw in IE that can compromise PCs when users visit malicious sites  —  Microsoft says attackers have used a Windows zero-day to spoof file signatures and another RCE in the Internet Explorer scripting engine to execute code on users' devices.