The latest Patch Tuesday updates from Microsoft include a bugfix for a zero-day flaw in the Internet Explorer browser engine. Tracked as CVE-2024-38112, the vulnerability has been exploited by unknown criminals since January 2023 to trick users into running malicious code on local, unprotected machines.