Security News > 2021 > September > Microsoft Patches Actively Exploited Windows Zero-Day Bug

In September's Patch Tuesday crop of security fixes, Microsoft released patches for 66 CVEs, three of which are rated critical, and one of which - the Windows MSHTML zero-day - has been under active attack for nearly two weeks.
Microsoft said last week that the flaw could let an attacker "Craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine," after which "The attacker would then have to convince the user to open the malicious document." Unfortunately, malicious macro attacks continue to be prevalent: In July, for example, legacy users of Microsoft Excel were being targeted in a malware campaign that used a novel malware-obfuscation technique to disable malicious macro warnings and deliver the ZLoader trojan.
Microsoft did say that it was aware of targeted attacks trying to exploit it via specially crafted Microsoft Office documents.
"This vulnerability requires no user interaction or privileges, so an attacker can run their code on an affected system just by sending a specially crafted message to an affected system," the Zero Day Initiatve explained.
The three exploits Microsoft patched on Tuesday aren't remote, meaning that attackers need to have achieved code execution by other means.
As the Zero Day Initiative explained, that means an attacker could "Completely take over the target - provided they are on an adjacent network." That would come in quite handy in a coffee-shop attack, where multiple people use an unsecured Wi-Fi network.
News URL
https://threatpost.com/microsoft-patch-tuesday-exploited-windows-zero-day/169459/
Related news
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Microsoft: Windows CLFS zero-day exploited by ransomware gang (source)
- Microsoft fixes actively exploited Windows CLFS zero-day (CVE-2025-29824) (source)
- Microsoft lifts Windows 11 update block for some AutoCAD users (source)
- Microsoft replacing Remote Desktop app with Windows App in May (source)
- Microsoft March 2025 Patch Tuesday fixes 7 zero-days, 57 flaws (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Microsoft: Recent Windows updates make USB printers print random text (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
- Microsoft: March Windows updates mistakenly uninstall Copilot (source)