Vulnerable software includes Microsoft's Edge and Internet Explorer browsers, as well as its Office, Exchange and Outlook software.
"CVE-2018-8120 is a vulnerability in older Windows OS versions (Windows 7, Server 2008, Server 2008 R2) that has been detected in exploits in the wild", explained Chris Goettl, director of product management at Ivanti. Microsoft said the search window will now open wider to allow a broader range of content to display.
Just like it's the case with preview builds, Microsoft has considered the user feedback while developing the feature.
"We expect this vulnerability to become one of the most exploited in the near future, as it won't be long until exploit kit authors start abusing it in both drive-by via browser and spear-phishing via document campaigns".
One of the things Microsoft talked about at Build was a potential change in the behavior of Sets.
The researchers say they found the flaw after the company's sandbox system automatically analyzed an exploit that someone uploaded to malware-scanning service VirusTotal on April 18. However, Microsoft has not released a firm arrival date for the fix.
"May's Patch Tuesday is here and it looks like these monthly releases have plateaued at around 70 CVEs patched per month", noted Karl Sigler, threat intelligence manager of SpiderLabs (at Trustwave). As such, if a given user has administrator level access, "an attacker who successfully exploited the vulnerability could take control of an affected system".
In addition, Hyper-V has been getting some attention lately as well.
Third-party clipboard tools that extend the Clipboard are popular applications on Windows and it seems likely that Microsoft will please part of the userbase with the improved Clipboard that it plans to integrate in Windows 10 natively.