https://www.bleepingcomputer.com/news/security/that-ie-zero-day-from-may-needed-a-second-patch-in-july/ > The July Patch Tuesday that was delivered two weeks ago included a second patch for an Internet Explorer zero-day discovered and initially fixed by Microsoft in May. > The original zero-day is a VBScript engine vulnerability that can be exploited via Internet Explorer, tracked as CVE-2018-8174. It was discovered by security researchers from the Qihoo 360 Core team.