Update: One of the two exploits published on Wednesday has now been confirmed to exploit a Windows vulnerability that Microsoft patched in this month’s Update Tuesday release cycle. The flaw involving the Windows Error Reporting service was previously described as CVE-2019-0863, Gal De Leon, the researcher Microsoft credited with discovering the vulnerability, said on Twitter. Researchers with ”micropatching” service 0patch have confirmed that the other exploit published on Wednesday, an IE 11 sandbox bypass, does indeed work on a fully patched Windows 10 system.

The headline of this post has been changed to reflect this new information. What follows is the story as it appeared earlier, with the exception of the last paragraph, which has also been changed to reflect the new information.

Källa: Serial publisher of Windows 0-days drops exploits for 2 more unfixed flaws