A Microsoft zero-day vulnerability tracked as CVE-2021-24084 has not been fixed by the technology giant despite having been reported months ago. The vulnerability was initially reported to Microsoft through the company’s Zero Day Initiative in October 2020. Microsoft acknowledged the vulnerability and said a fix would be issued in April 2021, but that the vulnerability persisted with no updates on any Patch Tuesdays so far. Researchers have, for now, released free, unofficial patches to the vulnerability affecting 32- and 64-bit versions of Windows 10.”]
Source: https://www.databreachtoday.com/report-no-patch-for-microsoft-privilege-escalation-zero-day-a-18017