Remote code execution

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability

...

CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability

...

CVE-2021-40444

CVE-2021-40444 is a Microsoft MSHTML remote-code-execution vulnerability exploited via specially crafted Word documents containing malicious ActiveX controls. Public details confirm an exploit chain: a Word doc opens, a relationship in document.xml.rels points to a malicious HTML, IE Preview load...

Microsoft Releases Patch for Actively Exploited Windows Zero-Day Vulnerability

A day after Apple and Google rolled out urgent security updates, Microsoft has pushed software fixes as part of its monthly Patch Tuesday release cycle to plug 66 security holes affecting Windows and other components such as Azure, Office, BitLocker, and Visual Studio, including an actively...

Patch Tuesday - September 2021

Microsoft has fixed a total of 60 vulnerabilities this month, including two publicly disclosed 0-days. Fortunately there are only a few issues rated critical this month with the vast majority of the remainder being rated important. Here’s three big things you can go patch right now. MSHTML Remote...

Microsoft Windows Multiple Vulnerabilities (KB5005633)

This host is missing a critical security update according to Microsoft KB5005633 SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2021-40444

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

Microsoft Patches Actively Exploited Windows Zero-Day

In September’s Patch Tuesday crop of security fixes, Microsoft released patches for 66 CVEs, three of which are rated critical, and one of which – the Windows MSHTML zero-day – has been under active attack for nearly two weeks. One other bug is listed as publicly known but isn’t yet being...

Exploit for Path Traversal in Microsoft

〖EXP〗Ladon CVE-2021-40444 Office Vulnerability Reimplementatio...

A week in security (Sept 6 – Sept 12)

Last week on Malwarebytes Labs Apple delays plans to search devices for child abuse imagery. ProtonMail hands user’s IP address and device info to police, showing the limits of private email. Patch now! Netgear fixes serious smart switch vulnerabilities. Tor vs VPN—What is the difference? Windows...

Talos release protection against zero-day vulnerability in Microsoft MSHTML

Cisco Talos released new SNORT® rules Thursday to protect against the exploitation of a zero-day vulnerability in Microsoft MSHTML that the company warns is being actively exploited in the wild. Users are encouraged to deploy SIDs 58120 – 58129, Snort 3 SID 300049 and ClamAV... This is only the...

Threat Source newsletter (Sept. 9, 2021)

Newsletter compiled by Jon Munshaw.Good afternoon, Talos readers. The biggest security news this week is no doubt another Microsoft zero-day. On the heels of PrintNightmare and multiple Exchange Server vulnerabilities comes a code execution vulnerability in MSHTML, the rendering engine... This is...

Microsoft Internet Explorer MSHTML Remote Code Execution (CVE-2021-40444)

A remote code execution vulnerability exists in Microsoft Internet Explorer MSHTML. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

[updated] Windows MSHTML zero-day actively exploited, mitigations required

Several researchers have independently reported a 0-day remote code execution vulnerability in MSHTML to Microsoft. The reason it was reported by several researchers probably lies in the fact that a limited number of attacks using this vulnerability have been identified, as per Microsoft’s securi...

New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that's being used to hijack vulnerable Windows systems by leveraging weaponized Office documents. Tracked as CVE-2021-40444 CVSS score: 8.8, the remote code execution flaw is rooted in MSHTML aka Triden...

Vulnerability found in Microsoft Windows

A vulnerability has been found in Microsoft Windows' MSHTML component. A malicious party could potentially exploit it to execute arbitrary code under the privileges of a user. To do this, the malicious party needs to get the victim to to open a rogue Office document. Microsoft indicates that ther...

Microsoft MSHTML Remote Code Execution Vulnerability

MSHTML also known as Trident is Microsoft's Internet Explorer browser engine, and while MHTML is primarily used in the deprecated Internet Explorer browser, the component is also used in Office applications to render Word, Excel, or PowerPoint documents in A remote code execution vulnerability...

Microsoft MSHTML Remote Code Execution Vulnerability

Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents. An attacker could craft a malicious Active...

PT-2021-3925

Name of the Vulnerable Software and Affected Versions Microsoft MSHTML affected versions not specified Description The vulnerability in Microsoft MSHTML allows remote attackers to execute arbitrary code by using specially crafted Microsoft Office documents. An attacker could craft a malicious...