Microsoft has released fixes for six zero-days that are being actively exploited in the wild – and one that is not – on a Patch Tuesday that this month continues a recent trend of generally lighter updates. Indeed, this is the lowest collective number of bugs found so far in 2021.
The six exploited zero-days are: CVE-2021-33742, a remote code execution (RCE) flaw in Windows MHSTML Platform; CVE-2021-31955, an information disclosure bug in Windows Kernel; and CVE-2021-31199 and CVE-2021-31201, two elevation of privilege vulnerabilities in Microsoft Enhanced Cryptographic Provider, which both relate to previously disclosed Adobe vulnerabilities as well.
