Microsoft patches malicious Office file exploits
Microsoft patches malicious Office file exploits

A few days after Apple and Google rolled out emergency security updates, Microsoft made software fixes available as part of a monthly release cycle to address 66 vulnerabilities in Windows and other components (such as Azure, Office, BitLocker, and Visual Studio). MSHTML platform.

Of the 66 vulnerabilities, 3 are rated critical, 62 are important and 1 are medium.

Plus 20 vulnerabilities in the Chromium-based Edge browser that Microsoft has fixed since the beginning of this month.

The most significant update is the patch CVE-2021-40444, a remote code execution vulnerability in MSHTML that has been actively exploited to improve Office documents containing malicious ActiveX controls.

The company issued a warning about the vulnerability a few days ago after informing security researchers that the vulnerability is being used by malicious actors to trick potential victims into opening malicious Office files.

When the file is opened, a page will automatically launch through Internet Explorer containing an ActiveX control that can download malware onto the victim's computer.

When the company issued a warning, it did not resolve the issue and asked users to ensure that Microsoft Defender Antivirus or Microsoft Defender for Endpoint is enabled. Both programs can detect attempts to exploit the vulnerability.

It is also recommended that users disable all ActiveX controls in Internet Explorer. The vulnerability known as CVE-2021-40444 affects Windows servers from version 2008 and Windows 7 to Windows 10.

Microsoft patches malicious Office file exploits

Another publicly disclosed vulnerability, CVE-2021-36968, has also been fixed. However, it is not actively used in Windows DNS.

Other bugs include several remote code execution errors in CVE-2021-38647 Open Management Infrastructure. and Windows WLAN AutoConfig (CVE-2021-36965) service. and office (CVE-2021-38659). and Visual Studio (CVE-2021-36952). WordPress (CVE-2021-38656). Except for a memory error in the Windows Script Engine (CVE-2021-26435).

Additionally, the company fixed three franchise upgrade errors. Newly released print spooler service (CVE-2021-38667, CVE-2021-38671, and CVE-2021-40447).

Although CVE-2021-36975 and CVE-2021-38639 are listed, both address the Win32k privilege escalation vulnerability. They are considered more vulnerable to exploitation, so users must act quickly to install security updates.

Previous Post Next Post