zdnet[.]com/article/microsoft-september-2021-patch-tuesday-remote-code-execution-flaws-in-mshtml-open-management-fixed/
petri[.]com/patch-tuesday-september-2021-microsoft-fixes-mshtml-zero-day-and-apple-blocks-nso-group-surveillance-spyware
According to the Zero Day Initiative (ZDI), the 66 CVEs -- including three critical, one moderate, and the rest deemed important -- reveal a volume slightly higher than the average patch rate across 2021, while this is still below 2020 volume. In addition, 20 CVEs were patched by Microsoft Edge (Chromium) earlier in September. In total, 11 of these vulnerabilities were submitted through the Zero Day Initiative, for a total of 86 CVEs
[CVE = Common Vulnerabilities and Exposures. When it's discovered & verified a vulnerability is issued a CVE ID number and tracked. wikipedia[.]org/wiki/Common_Vulnerabilities_and_Exposures ]
Haven't noticed any issues with the updates *so far*. The copy of Win11 in my unqualified VM received the same update as the legit insider copy installed on this PC, KB 5005642. Something I desperately hope they fix in Win11, it auto-installed an AMD graphics driver along with the cumulative update & this month's Malicious Software Removal Tool. In Win10 you're rightly given a choice, since the version Microsoft supplies is a cut down version of the driver you get from AMD. In this case it meant having to reinstall the AMD driver afterward -- useless busywork.
