Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that’s reportedly been abused to install spyware on iOS products, and Google‘s got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.
Four of the flaws fixed in this patch batch earned Microsoft’s most-dire “critical” rating, meaning they could be exploited by miscreants or malware to remotely compromise a Windows PC with little or no help from the user.
Top of the critical heap is CVE-2021-40444, which affects the “MSHTML” component of Internet Explorer (IE) on Windows 10 and many Windows Server versions. In a security advisory last week, Microsoft warned attackers ...
Copyright of this story solely belongs to krebsonsecurity.com . To see the full text click HERE