I just realized that I'm personally "credited" in April's Microsoft Patch Tuesday with a CVE-less "Defense-in-depth" update.
The vulnerability?
CAB files downloaded from the internet do not write the MotW for files extracted from them.
I reported this to […]
[Original post on infosec.exchange]
