Overview
Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.
Description
An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Impact
● Successful exploitation of the vulnerability could allow an attacker to execute arbitrary code and take control of the affected system.
Solution/ Workarounds
Disabling the installation of all ActiveX controls in Internet Explorer mitigates this attack. This can be accomplished for all sites by updating the registry. Previously-installed ActiveX controls will continue to run, but do not expose this vulnerability.
More: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
Warning
If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
Reference
● https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
● https://www.csa.gov.sg/singcert/alerts/al-2021-052
Disclaimer
The information provided herein is on an "as is" basis, without warranty of any kind.