Patch Tuesday September 2021 – Microsoft fixes MSHTML Zero-Day and Apple Blocks NSO Group Surveillance Spyware –

This month, Microsoft released a fix for the MSHTML zero-day that emerged earlier in September. And it fixes a serious remote code execution bug in the WLAN AutoConfig service. There’s also a fix for a serious bug in Apple iOS. So, let’s get started!

Microsoft fixes MSHTML zero-day

Earlier this month, Microsoft released a security advisory for a remote code execution vulnerability (CVE-2021-40444) in Microsoft MSHTML, the rendering engine that Office apps use in Windows to display web content. The advisory said:

An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user…

Source link

About coldfusion

Check Also

🌱 Center Moriches-Eastport Daily: Survived 5 Frigid Days + ‘MLK’

Happy Wednesday, neighbors! Diane Witek here to get this day started off right. Here’s everything …

Leave a Reply

Your email address will not be published. Required fields are marked *