## 20221208

Internet Explorer 0-day exploited by North Korean actor APT37

https://blog.google/threat-analysis-group/internet-explorer-0-day-exploited-by-north-korean-actor-apt37/

word-template[.]net 
openxmlformat[.]org 
ms-office[.]services 
ms-offices[.]com 
template-openxml[.]com 

CVE-2022-41128: Type confusion in Internet Explorer's JScript9 engine

https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2022/CVE-2022-41128.html