Microsoft has disclosed the existence of a new zero-day vulnerability that affects multiple versions of Windows. This vulnerability (designated as CVE-2021-40444) is currently delivered via malicious Office 365 documents and requires user input to open the file to trigger.
Article Link: Remote Code Execution Zero-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs