Credit to Author: Greg Lambert| Date: Fri, 17 Sep 2021 12:28:00 -0700
This week’s Patch Tuesday was an unusual update from Microsoft and we have added Windows, the Microsoft development platform, and Adobe Reader to our “Patch Now” schedule.
These updates are driven by the zero-day patch (CVE-2021-40444) to the core Microsoft browser library MSHTML. In addition to leading to significant remote code execution worries, this update may also lead to unexpected behaviours in legacy applications that depend on or include this browser component. Be sure to assess your portfolio for key apps that have these dependencies and perform a full functionality test before deployment. (We have identified some key mitigation strategies for handling ActiveX controls and for protecting your system during your testing and deployment phases.)