Microsoft’s September Patch Tuesday security update covers 61 vulnerabilities, with four rated critical. Microsoft patched CVE-2021-40444, a zero-day remote execution vulnerability that exists in MSHTML. MSHTML, aka Trident, is the HTML engine that has been built into Windows since Internet Explorer debuted more than 20 years ago. Microsoft says the attack complexity for this vulnerability is low and requires no privileges to carry out an attack. The vulnerability has a CVSS score of 7.8, putting it in the high classification, but there are no details to help admins understand what is happening.”]
Source: https://www.cuinfosecurity.com/microsoft-patches-mshtml-vulnerability-a-17534