The H0lyGh0st ransomware group has spent the last year targeting small and medium-sized businesses - but has not yet successfully extorted ransom payments from victims, said Microsoft researchers.
Microsoft fixed the flaw as part of its regularly-scheduled update, which includes over 80 critical and important-severity bugs.
Microsoft has identified a long, widespread phishing campaign that stole session cookies to bypass MFA and led to BEC and payment fraud.
Security researchers say the choice by Microsoft to re-enable Office macros by default is "puzzling."
Threat actors deploying the Black Basta ransomware have exploited the Microsoft PrintNightmare bug as part of their attacks.