Threat Level: green Handler on Duty: Jan Kopriva

SANS ISC: Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444) SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444)

Microsoft today published an advisory with a workaround to mitigate an unpatched vulnerability in Microsoft Office. This vulnerability is currently used in targeted attacks.

CVE-2021-40444 is a code execution vulnerability in MSHTML. The exploit would arrive as an Office document that includes a malicious ActiveX control. As a workaround, Microsoft recommends disabling ActiveX in Internet Explorer and the advisory includes the necessary registry changes. At this point, it should be pretty low impact to disable ActiveX, but of course, there may be individual enterprise applications that still use ActiveX. 

For more details, see Microsoft's advisory here: 

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

---
Johannes B. Ullrich, Ph.D. , Dean of Research, SANS.edu
Twitter|

I will be teaching next: Intrusion Detection In-Depth - SANS London October 2021

Johannes

4250 Posts
ISC Handler
Sep 8th 2021

Sign Up for Free or Log In to start participating in the conversation!