CVE-2021-40444

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Sep 15, 2021
Updated: Jul 29, 2024
CWE ID 22

Summary

CVE-2021-40444: Microsoft is investigating a remote code execution vulnerability in MSHTML, which impacts Microsoft Windows. Attackers could exploit this vulnerability by creating a malicious ActiveX control in a Microsoft Office document, requiring users to open the document to be affected. Users with fewer privileges may be less impacted than those operating with administrative rights. Microsoft Defender Antivirus and Microsoft Defender for Endpoint offer protection against this vulnerability. Microsoft recommends keeping antimalware software up-to-date and installing the latest security updates, which were released on September 14, 2021. Users should also refer to the Mitigations and Workaround sections for additional protection measures.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Prioritize, Pinpoint, and Act to Prevent Vulnerability Exploits with Recorded Future

Note: This is just a basic overview providing quick insights into CVE-2021-40444 information. Gain full access to comprehensive CVE data, third party vulnerabilities, compromised credentials and more with Recorded Future
  • Gain complete coverage of your cyber, third party, and physical attack surface
  • Proactively mitigate threats before they turn into costly attacks
  • Make fast, effective, data-driven decisions