Recently reported Microsoft zero-day gaining popularity with attackers, Kaspersky says | WHAT REALLY HAPPENED X-Frame-Options: DENY X-Frame-Options: SAMEORIGIN

Recently reported Microsoft zero-day gaining popularity with attackers, Kaspersky says

A recently reported security vulnerability in Microsoft's MSHTML browser engine is being found all over the world, and Kaspersky said it "expects to see an increase in attacks using this vulnerability."

MSHTML is the under-the-hood browser engine that is found in every single currently available version of Windows, both server and PC. As such, this vulnerability affects everyone with a Windows machine of any kind, meaning this is a serious threat.

To make matters worse, the vulnerability (CVE-2021-40444) is easy to exploit: All an attacker has to do is send a Microsoft Office document to the intended victim that contains a malicious script. Like plenty of other attacks using malicious documents, the victim has to open the document in order to infect their machine with the attacker's actual payload, which is retrieved by the script in the document. Once downloaded, Kaspersky said that most are using ActiveX controls to perform further malicious actions. In the wild, Kaspersky said, most of the detected attacks install backdoors that give attackers additional access to the infected machine.

Comments

SHARE THIS ARTICLE WITH YOUR SOCIAL MEDIA