A vulnerability patched by Microsoft in the Windows Mount Manager is being exploited in targeted attacks.