https://www.bleepingcomputer.com/news/microsoft/windows-mshtml-zero-day-defenses-bypassed-as-new-info-emerges/

New details have emerged about the recent Windows CVE-2021-40444 zero-day vulnerability, how it is being exploited in attacks, and the threat actor's ultimate goal of taking over corporate networks.

This Internet Explorer MSHTML remote code execution vulnerability, tracked as CVE-2021-40444, was disclosed by Microsoft on Tuesday but with few details as it has not been patched yet.