Windows spoofing flaw exploited in earlier zero-day attacks

Microsoft has advised users to stay updated with its recent security patches, following revelations that a high-severity flaw (CVE-2024-43461) in its MSHTML platform was exploited prior to its disclosure. The bug allows remote attackers to execute code on unpatched systems, targeting remnants of Internet Explorer within Windows. Threat group Void Banshee reportedly used the flaw to deploy a new information stealer, Atlantida.