CVE-2021-40444 – WindowsTechs.com

Microsoft Patch Tuesday, September 2021 Edition

Posted on September 14, 2021 by BrianKrebs

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google’s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software. Continue reading Microsoft Patch Tuesday, September 2021 Edition→

Windows zero-day MSHTML attack – how not to get booby trapped!

Posted on September 8, 2021 by Paul Ducklin

Zero-day bug in MSHTML, the “mini-Internet Explorer” component of Windows, triggered by booby trapped Office files. Continue reading Windows zero-day MSHTML attack – how not to get booby trapped!→

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

Posted on September 8, 2021 by BrianKrebs

Microsoft Corp. warned Tuesday that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat. Continue reading Microsoft: Attackers Exploiting Windows Zero-Day Flaw→