Please share the following information with your teams.
Information Security has notified a zero-day Microsoft vulnerability (CVE-2021-40444). Exploitation of this vulnerability may allow a remote attacker to take control of an affected system.
CVSS Score: (High) 8.8
MSHTML is a browser rendering engine that is also used by Microsoft Office documents, and the attacks are said to utilize specially-crafted documents that targeted users would have to click.
Affected Versions: Windows OS
A remote attacker could exploit this vulnerability to take control of an affected system.
Microsoft released the Mitigations and workarounds to address this vulnerability.
UIT Client Services at firstname.lastname@example.org or 416 736 5800