https://safirsoft.com Microsoft Office Zero Day Vulnerability Allows Remote Active Code Execution

Why it matters: Microsoft has received reports of remote code execution (RCE) vulnerabilities (hackers are actively using CVE-2021-40444). The attack uses malicious Microsoft Office files that open an ActiveX control using the MSHTML browser rendering engine. Vulnerable systems include Windows Server 2008 to 2019 and Windows 7 to 10.

Expmon, one of several security companies that reported zero-day abuse, told BleepingComputer that the attack method is 100% reliable and makes it very dangerous. When the user opens the document, it downloads the malware remotely. Expmon tweeted that users should not open any Office documents unless they are fully trusted with the source.

PM EXPMON targeted a very complex target #ZERO-DAY ITWACK targeted #Microsoft #Office users! For now, since there are no patches, we highly recommend Office users to be very careful about Office files - don't open them if you don't fully trust the source!

- EXPMON (EXPMON_) Sep 7, 2021

The file discovered by Expmon was a Word document (.docx), but Microsoft did not indicate that the abuse was limited to Word files. Any document that can call MSHTML is a potential vector. Microsoft has not yet provided a solution to the security vulnerability, but has included some ways to reduce it in the error report.

In addition to opening Office documents, be careful, as running Microsoft Office in its default configuration will open files in Protected View mode, reducing attacks (Application Guard in Office 360). Additionally, Microsoft Defender Antivirus and Defender for Endpoint prevents abuse.

Microsoft also says that users can disable the installation of all ActiveX controls in Internet Explorer. This solution requires a registry (.reg) file that users can find in the error report. Executing a REG file moves the new entries to the Windows registry. A restart is required to apply the settings.

Microsoft Office Zero Day Vulnerability Allows Remote Active Code Execution
microsoft-office-zero-day-vulnerability-allows-remote.html

https://safirsoft.com Microsoft Office 2021 will arrive alongside Windows 11 on October 5

Microsoft Office 2021 will arrive alongside Windows 11 on October 5

Microsoft is very happy with Microsoft 365 and Office 365 users, with more than a million organizations in the past and more than 300 million seats in...
https://safirsoft.com Patch Tuesday Microsoft is fixing more than 80 vulnerabilities in Windows, Office, Edge, and more

Patch Tuesday Microsoft is fixing more than 80 vulnerabilities in Windows, Office, Edge, and more

If you haven't already, go ahead and install the latest Patch Tuesday update. Then come back and read about the significance of this issue - At least ...
https://safirsoft.com Microsoft adds a passwordless option to access the account

Microsoft adds a passwordless option to access the account

What happened? Microsoft's vision of a password-free future begins now. Starting today, users can remove the password from their Microsoft account and...
https://safirsoft.com Mozilla has silently bypassed the protection of default Microsoft programs on Windows

Mozilla has silently bypassed the protection of default Microsoft programs on Windows

Why it matters: It's no secret now that Microsoft has used several tricks and tricks to force users in Windows 10 to switch to Microsoft Edge. Other b...
https://safirsoft.com A study by Microsoft claims that working from home threatens productivity and innovation

A study by Microsoft claims that working from home threatens productivity and innovation

Is working remotely becoming commonplace for many people, returning to the office full time more than ever, does working from home make employees bett...
https://safirsoft.com Microsoft explains why Windows 11 is faster than Windows 10

Microsoft explains why Windows 11 is faster than Windows 10

Windows 11 brings many dramatic changes, but it also has a lot in common with Windows 10. After using a new color, Microsoft seems to be encouraging u...