Summary:
- Microsoft has reported that a zero-day vulnerability in the Windows Update Medic Service is being actively exploited by attackers to undo previously applied security fixes.
- The vulnerability allows attackers to bypass security updates and restore malicious registry keys that were previously removed by those updates, effectively undoing the security protections.
- Microsoft has released a security advisory and is working on a fix, urging users to apply all available security updates to mitigate the risk of this vulnerability being exploited.