
Vulnerability Alert - Microsoft Windows

TYPE
Vulnerabilities
SYSTEMS AFFECTED
Windows 10, 8.1, 7; Windows Server 2008, 2012, 2016, 2019, 2022, 2004 and 20H2
ECOSYSTEM
Microsoft, Windows
Description

Microsoft is investigating a vulnerability (CVE-2021-40444) in an Internet Explorer component, MSHTML, that affects multiple versions of Windows. MSHTML is a software component used to render web pages in Windows. 

An attacker can create a malicious ActiveX control to be used by a Microsoft Office document that uses the browser rendering engine. This control can run arbitrary code to infect the system with more malicious code. 

Users whose accounts are configured with administrator permissions may be most affected. [1]


Impact

If this vulnerability is successfully exploited, it allows an attacker to execute code remotely.


Resolution

Microsoft has not yet released a security update that corrects this vulnerability. However, it recommends applying the following mitigation measures to prevent the attack from taking place: [1]

- By default, Microsoft Office opens documents from the Internet in Protected View or Application Guard for Office, both of which prevent the attack;

- In addition, Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protection for this vulnerability. Therefore, customers who own these products should keep them up to date;

- Finally, Microsoft also recommends disabling the installation of all ActiveX controls in Internet Explorer through the registry. Previously installed ActiveX controls will continue to run, but no new ones will be added, including malicious ones. To disable ActiveX controls, please see [1].
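
A read-only PowerShell check for the last mitigation, added here as an example and not taken from this page or from Microsoft: it reports whether installation of signed and unsigned ActiveX controls is set to Disable in Internet Explorer zones 0 to 3. The registry path, the value names (1001, 1004) and the value data (3) are assumptions based on the workaround published in [1]; confirm them against that advisory.

```powershell
# Added example: read-only audit of the "disable ActiveX installation" workaround.
# Assumption: key path, value names (1001, 1004) and data (3) follow the
# workaround Microsoft published in [1]; verify them against that advisory.
$PolicyBase = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$Disable    = 3   # URL action policy "Disable"

$Zones = @(
    @{ Id = '0'; Name = 'Local Machine' }
    @{ Id = '1'; Name = 'Local Intranet' }
    @{ Id = '2'; Name = 'Trusted Sites' }
    @{ Id = '3'; Name = 'Internet' }
)
$Actions = @(
    @{ Id = '1001'; Name = 'Download signed ActiveX controls' }
    @{ Id = '1004'; Name = 'Download unsigned ActiveX controls' }
)

function Get-ActiveXInstallPolicy {
    foreach ($zone in $Zones) {
        $key = Join-Path $PolicyBase $zone.Id
        foreach ($action in $Actions) {
            $value = $null
            if (Test-Path -LiteralPath $key) {
                # A missing value yields no object, so $value stays $null.
                $item = Get-ItemProperty -LiteralPath $key -Name $action.Id -ErrorAction SilentlyContinue
                if ($item) { $value = $item.($action.Id) }
            }
            [pscustomobject]@{
                Zone      = "$($zone.Id) ($($zone.Name))"
                Action    = "$($action.Id) ($($action.Name))"
                Value     = if ($null -eq $value) { 'not set' } else { $value }
                Mitigated = ($value -eq $Disable)
            }
        }
    }
}

$report = Get-ActiveXInstallPolicy
$report | Format-Table -AutoSize

# Every zone/action pair must be Disable (3) for the workaround to be in place.
$missing = @($report | Where-Object { -not $_.Mitigated })
if ($missing.Count -eq 0) {
    Write-Output 'ActiveX installation is disabled in zones 0-3.'
} else {
    Write-Warning "$($missing.Count) of $($report.Count) settings are not set to Disable (3)."
}
```

The script only reads the policy keys and changes nothing; running it across a fleet shows which hosts still lack the workaround.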


References

[1] https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444 

Last updated on 07-09-2022