A security researcher has publicly disclosed an unpatched zero-day vulnerability in all supported versions of Microsoft Windows. The vulnerability resides in Microsoft Jet Database Engine that could allow an attacker to remotely execute malicious code on any vulnerable Windows computer. Microsoft is working on a patch for the vulnerability, and since it was not included in September Patch Tuesday, you can expect the fix in Microsoft’s October patch release. Trend Micro recommends all affected users to “restrict interaction with the application to trusted files” as a mitigation until Microsoft comes up with a patch.
Source: https://thehackernews.com/2018/09/windows-zero-day-vulnerability.html