Microsoft Finds Remote Code Execution Vulnerability In MSHTML

Share post:

Microsoft has identified a couple of attacks that target a remote code execution vulnerability in MSHTML that affects Microsoft Windows. This also prompted CISA to issue a statement asking “users and organizations to review Microsoft’s mitigations and workarounds to address the remote code execution vulnerability identified as CVE-2021-40444.”

Rick Cole of Microsoft Security Response Center, Haifei Li of EXPMON, Dhanesh Kizhakkinan, Bryce Abdo, and Genwei Jiang of Mandiant discovered the vulnerability.

The Microsoft release mentions that its Defender Antivirus and Defender for Endpoint protect against the vulnerability, so anyone who has the tools and uses automatic updates is safe from the vulnerability. The tech giant also pointed out that enterprise customers who manage updates should “select the detection build 1.349.22.0 or newer and install it across their environments.”

The notifications in Microsoft Defender are displayed as “Suspicious Cpl File Execution.”

Once the investigation is complete, Microsoft will release a security update during Patch Tuesday or in a separate out-of-cycle security update.

In addition, this version adds that Microsoft Office opens documents from the internet in Protected View or Application Guard for Office by default, both of which prevent the attack.

Microsoft recommends disabling the installation of all ActiveX controls in Internet Explorer.

The statement also gave instructions on how to disable ActiveX controls on an individual system.

For more information, read the original story in ZDNet.

Featured Tech Jobs


Related articles

Cyber Security Today, April 24, 2024 – Good news/bad news in Mandiant report, UnitedHealth admits paying a ransomware gang, and more

This episode reports on the danger of using expired open-source packages, a tool used by a Russian hacking group and passw

Google Play introduces new biometric verification with a user warning

Google has recently announced updates to the biometric verification process for Google Play purchases, aiming to bolster security...

Cyber Security Today, Week in Review for week ending Friday April 19, 2024

On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT d

Cyber Security Today, April 19, 2024 – Police bust phishing rental platform, a nine-year old virus found on Ukrainian computers, and more

This episode reports on a threat actor targeting governments in the Middle East with a novel way of hiding malware is going international

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways