Microsoft confirmed that another Windows 10 vulnerability is circulating on thenetwork. The attackers with exploit manage to take full control of a computer according to the announcement of Microsoft. The vulnerability has not been fixed.
Visiting or opening a malicious website maliciousy document could be enough to allow hackers to take control of your computer. The company cites a number of temporary security measures to reduce the risk.
The MSHTML Remote Code Execution (CVE-2021-40444) vulnerability was confirmed last night on September 7, 2021.
"Η Microsoft ερευνά ορισμένες αναφορές για μια ευπάθεια implementationς απομακρυσμένου κώδικα στο MSHTML που επηρεάζει τα Windows", ανέφερε η εταιρεία.
Microsoft is aware of targeted attacks that attempt to exploit this vulnerability using its specially crafted documents Microsoft Office.
Such a document simply needs to be opened on a computer for the exploit to work and not just saved.
An attacker could create a malicious ActiveX control that contains the browser rendering engine and put it in an Office document, Microsoft says.
"Ο εισβολέας θα πρέπει στη συνέχεια να πείσει τον χρήστη να ανοίξει το κακόβουλο έγγραφο. Οι χρήστες των οποίων οι λογαριασμοί έχουν ρυθμιστεί να έχουν λιγότερα δικαιώματα στο σύστημα θα μπορούσαν να επηρεαστούν λιγότερο από τους χρήστες που λειτουργούν με δικαιώματα διαχειριστή."
It is worth mentioning that both Microsoft Defender Antivirus and Microsoft Defender for Endpoint can detect and protect you from vulnerabilities. If any of these are running on your computer and are set to update automatically, you are protected.
However, there is still no update that fixes the Windows security vulnerability.
So Microsoft suggests:
For starters, have documents from the Internet automatically open in either Protected View or Application Guard for Office, which prevents the malicious ActiveX control from running.
You could, however, disable ActiveX controls. Any existing ActiveX controls you already have will continue to work, the company says.
Microsoft provides accurate instructions on how to do this. But the company's solution involves editing the Windows registry and this should be avoided.