New details about the recent MSHTML zero-day vulnerability have further spooked cybersecurity researchers, after having seen exploits in the wild.
Tracked as CVE-2021-40444, Microsoft recently disclosed the vulnerability in Internet Explorer’s browser engine Trident, also known as MSHTML, which helps render browser-based content inside Microsoft Office documents.
Microsoft was careful not to share too many details about the still-unpatched vulnerability. However, security researchers have been more forthcoming after analyzing malicious Office documents used in real-world campaigns.