CVE-2021-40444

Summary

CVE-2021-40444: Microsoft is investigating a remote code execution vulnerability in MSHTML, which impacts Microsoft Windows. Attackers could exploit this vulnerability by creating a malicious ActiveX control in a Microsoft Office document, requiring users to open the document to be affected. Users with fewer privileges may be less impacted than those operating with administrative rights. Microsoft Defender Antivirus and Microsoft Defender for Endpoint offer protection against this vulnerability. Microsoft recommends keeping antimalware software up-to-date and installing the latest security updates, which were released on September 14, 2021. Users should also refer to the Mitigations and Workaround sections for additional protection measures.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.