Microsoft Warns of New Zero-Day Exploited in Real-World Attacks

German government reportedly bought NSO Pegasus spyware, Howard University cancels classes due to ransomware attack, REvil gang's servers come alive again, NZ orgs hit with DDoS attacks again, more

Microsoft’s security team issued an alert earlier today to warn about a new Internet Explorer zero-day (CVE-2021-40444) abused in real-world attacks that impacts Microsoft MHTML, also known as Trident, the Internet Explorer browser engine.

Although previously used in the defunct Internet Explorer browsers, MHTML is also used in Office applications to render web-hosted content inside Word, Excel, or PowerPoint documents. Details about the attacks discovered by Mandiant and EXPMON are not available. Microsoft plans to issue a patch next week; companies can disable ActiveX rendering to prevent CVE-2021-140444 exploitation. (Catalin Cimpanu / The Record)

Related: Security Week, Bleeping Computer, IT News, gHacks, Infosecurity Magazine, GBHackers On Security, The Hacker News, The Register - Security, Help Net Security, Microsoft

Highlighting the possibility that Western democracies, and not just despotic regimes, might be surveilling citizens with Pegasus spyware from notorious vendor NSO…