Remote code execution vulnerability in MSHTML

 Advisory for Microsoft - Remote code execution vulnerability in MSHTML

Microsoft has shared the mitigation for a remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. Microsoft is aware of targeted attacks that try to exploit the vulnerability by sending specially-crafted Microsoft Office documents to potential victims. The attacker could craft a malicious to be used specific ActiveX control in webpage. Executing that threat is done using "Cpl File Execution" (Which is running the file as control panel item).

As per the advisory update, Microsoft Defender Antivirus and Microsoft Defender for Endpoint both provide detection and protections for the known vulnerability. Clients are requested to keep antimalware products up to date. Customers who utilize automatic updates do not need to take additional action as per the arisen issues. Microsoft Defender for Endpoint alerts will be displayed as: “Suspicious Cpl File Execution”.

Vulnerabilities:

(CVE-2021-40444)- The security issue affects Windows Server 2008 through 2019 and Windows 8.1 through 10. This has a severity level of 8.8 out of the maximum 10.

Workaround has already been shared with customers to remediate the issue as soon as possible. However, complete investigation is going on. Microsoft will take the proper action to help and protect our customers. This could include providing a security update through the monthly release process or providing an out-of-cycle security update, depending on customer needs.

Please refer the Mitigations and Workaround sections for important information about steps you can take to protect your system from this vulnerability.

UPDATE September 14, 2021: Microsoft has released security updates to address this vulnerability. Please see the Security Updates table for the applicable update for your system. We recommend that you install these updates immediately. Please see the FAQ for important information about which updates are applicable to your system

For complete vulnerability details here is the best link of Microsoft with complete information- https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

In case you want to visit my website, please Click here