Microsoft says a high-severity Windows zero-day vulnerability patched during the February 2021 Patch Tuesday was exploited in the wild since at least the summer of 2020 according to its telemetry data. The vulnerability was discovered and reported to the Microsoft Security Response Center on December 29 by researchers at DBAPPSecurity. The bug was being actively used in targeted attacks by an advanced persistent threat (APT) group tracked as Bitter (Forcepoint) and T-APT-17 (Tencent)
Source: https://www.bleepingcomputer.com/news/security/recently-fixed-windows-zero-day-actively-exploited-since-mid-2020/