Microsoft is staying quiet about the impact of a pair of zero-day flaws, refusing to say if its products were compromised.

According to TechCrunch, Microsoft released updates to address vulnerabilities in two open source libraries that are used in a variety of its products. Despite the fact that bad actors have been actively exploiting the vulnerabilities, Microsoft has not said whether they were exploiting its own products.

Microsoft has increasingly been under fire in recent months over high-profile security issues. The company’s refusal to provide information about the state of its products, and whether they were compromised, is certainly not going to help its reputation.