Search Microsoft Security

Security Advisory 2501696 Update

Security Advisory 2501696 Update

Microsoft has updated guidance regarding a vulnerability in Windows (the issue resides in the MHTML protocol handler) through Security Advisory 2501696 to help protect against limited targeted attacks.

Download and install the Fixit

Microsoft has released a Fixit that customers can download and install. Customers who have installed the Fixit to apply Microsoft’s recommended workaround are not at risk.

Customers who need help applying the FixIt can visit Microsoft Fixit Center Online.

The vulnerability is in the MHTML protocol handler

The vulnerability resides in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler, which is used by some applications to render certain kinds of documents.

Microsoft is continuing to monitor the situation

We continue to monitor the landscape of attacks against our customers closely, together with our network of partners, but currently estimate the number of customers impacted to be limited.