Security News > 2021 > September > Windows MSHTML zero-day exploits shared on hacking forums
Threat actors are sharing Windows MSHTML zero-day tutorials and exploits on hacking forums, allowing other hackers to start exploiting the new vulnerability in their own attacks.
Last Tuesday, Microsoft disclosed a new zero-day vulnerability in Windows MSHTML that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim's computer remotely.
These mitigations work by blocking ActiveX controls and Word/RTF document previews in Windows Explorer.
When Microsoft first disclosed the Windows MSHTML zero-day, tracked as CVE-2021-40444, security researchers quickly found the malicious documents used in attacks.
Threat actors have been able to reproduce the exploit on their own from information, and malicious document samples posted online and have begun sharing detailed guides and information on hacking forums.
Microsoft has also provided the following mitigations to block ActiveX controls in Internet Explorer, the default handler for the MSHTML protocol, and block document preview in Windows Explorer.
News URL
Related news
- Lazarus hackers exploited Windows zero-day to gain Kernel privileges (source)
- Lazarus Hackers Exploited Windows Kernel Flaw as Zero-Day in Recent Attacks (source)
- Windows Kernel bug fixed last month exploited as zero-day since August (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Telegram fixes Windows app zero-day caused by file extension typo (source)
- Telegram fixes Windows app zero-day used to launch Python scripts (source)
- Exploit code for Palo Alto Networks zero-day now public (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-40444 | Path Traversal vulnerability in Microsoft products <p>Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that affects Microsoft Windows. | 8.8 |