Security Advisory 2501696 Update
Microsoft has updated guidance regarding a vulnerability in Windows (the issue resides in the MHTML protocol handler) through Security Advisory 2501696 to help protect against limited targeted attacks.
Download and install the Fixit
Microsoft has released a Fixit that customers can download and install. Customers who have installed the Fixit to apply Microsoft’s recommended workaround are not at risk.
Customers who need help applying the FixIt can visit Microsoft Fixit Center Online.
The vulnerability is in the MHTML protocol handler
The vulnerability resides in the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler, which is used by some applications to render certain kinds of documents.
Microsoft is continuing to monitor the situation
We continue to monitor the landscape of attacks against our customers closely, together with our network of partners, but currently estimate the number of customers impacted to be limited.