The vendor said the memory-corruption defect was exploited to target specific people, but it did not describe the objectives of the attack.

Microsoft said three of the exploited vulnerabilities were publicly known, suggesting attackers already had details about the defects prior to Tuesday’s release.

Shadowserver scans have identified 86 compromised instances, and researchers warn multiple threat groups are involved.

Limited attacks occurred prior to Ivanti’s disclosure, followed by mass exploitation by multiple threat groups. More than 1,400 potentially vulnerable instances remain exposed.

The voluntary framework would provide legal clarity to third-party AI researchers, including those who study safety and other “unexpected” AI behaviors.

Researchers said the information disclosure zero-day exposes sensitive information that attackers can use to undermine defenses and make other exploits more reliable.

Roughly 100,000 servers running the automated workflow platform for AI and other enterprise tools are potentially exposed to exploitation.

Microsoft closed out the year with 1,139 total defects patched, making it the second-largest year in volume behind 2020, according to Trend Micro.

A debate over actual exploitation is muddying response efforts. Multiple researchers say they’ve observed working proof of concepts while others assert evidence of attacks is lacking.

The open-source code library is one of the most extensively used application frameworks. Wiz found vulnerable versions in around 39% of cloud environments.