Threat actors exploited Windows 0-day for more than a year before Microsoft fixed it

Hackers exploited a vulnerability in Windows 10 and 11 for over a year before Microsoft fixed it, according to researchers at security firm Check Point. The vulnerability enabled attackers to use malicious code to cause systems to open Internet Explorer—an outdated, decommissioned browser susceptible to exploits—and launch harmful activities. Although remedied in Microsoft’s monthly patch release, the episode highlights the potential risks of legacy software components.