CVE-2021-40444

Published on: 09/15/2021 12:00:00 AM UTC

Last Modified on: 10/14/2022 11:49:00 AM UTC

CVE-2021-40444

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Windows 10 from Microsoft contain the following vulnerability:

Microsoft MSHTML Remote Code Execution Vulnerability

CVE-2021-40444 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack Vector ^ⓘ	Attack Complexity	Privileges Required	User Interaction
LOCAL	LOW	NONE	REQUIRED
Scope	Confidentiality Impact	Integrity Impact	Availability Impact
UNCHANGED	HIGH	HIGH	HIGH

CVSS2 Score: 6.8 - MEDIUM

Access Vector^ⓘ	Access Complexity	Authentication
NETWORK	MEDIUM	NONE
Confidentiality Impact	Integrity Impact	Availability Impact
PARTIAL	PARTIAL	PARTIAL

CVE References

Description	Tags ^ⓘ	Link
Microsoft Office MSDT Follina Proof Of Concept ≈ Packet Storm	packetstormsecurity.com text/html	MISC packetstormsecurity.com/files/167317/Microsoft-Office-MSDT-Follina-Proof-Of-Concept.html
Microsoft Windows MSHTML Overview ≈ Packet Storm	packetstormsecurity.com text/html	MISC packetstormsecurity.com/files/164210/Microsoft-Windows-MSHTML-Overview.html
Microsoft Office Word MSHTML Remote Code Execution ≈ Packet Storm	packetstormsecurity.com text/html	MISC packetstormsecurity.com/files/165214/Microsoft-Office-Word-MSHTML-Remote-Code-Execution.html
Security Update Guide - Microsoft Security Response Center	portal.msrc.microsoft.com text/html	MISC portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40444

By selecting these links, you may be leaving CVEreport webspace. We have provided these links to other websites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other websites that are more appropriate for your purpose. CVEreport does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, CVEreport does not endorse any commercial products that may be mentioned on these sites. Please address comments about any linked pages to [email protected].

Related QID Numbers

91814 Microsoft MSHTML Remote Code Execution (RCE) Vulnerability

Exploit/POC from Github

An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework.

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Operating System	Microsoft	Windows 10	-	All	All	All
Operating System	Microsoft	Windows 10	1607	All	All	All
Operating System	Microsoft	Windows 10	1809	All	All	All
Operating System	Microsoft	Windows 10	1909	All	All	All
Operating System	Microsoft	Windows 10	2004	All	All	All
Operating System	Microsoft	Windows 10	20h2	All	All	All
Operating System	Microsoft	Windows 10	21h1	All	All	All
Operating System	Microsoft	Windows 7	-	sp1	All	All
Operating System	Microsoft	Windows 8.1	-	All	All	All
Operating System	Microsoft	Windows Rt 8.1	-	All	All	All
Operating System	Microsoft	Windows Server 2008	-	sp2	All	All
Operating System	Microsoft	Windows Server 2008	r2	sp1	All	All
Operating System	Microsoft	Windows Server 2012	-	All	All	All
Operating System	Microsoft	Windows Server 2012	-	r2	All	All
Operating System	Microsoft	Windows Server 2016	-	All	All	All
Operating System	Microsoft	Windows Server 2016	2004	All	All	All
Operating System	Microsoft	Windows Server 2016	20h2	All	All	All
Operating System	Microsoft	Windows Server 2019	-	All	All	All
Operating System	Microsoft	Windows Server 2022	-	All	All	All

cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*:
cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*:
cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*:
cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*:
cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*:

No vendor comments have been submitted for this CVE

Social Mentions

Source	Title	Posted (UTC)
@Francisckrs	Active exploitation of CVE-2021-40444. A bug that seems to allow attackers to execute activex from office docs? Pot… twitter.com/i/web/status/1…	2021-09-07 18:26:31
@ImposeCost	CVE-2021-40444 - Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using special… twitter.com/i/web/status/1…	2021-09-07 18:36:55
@MalwareRE	Mitigations and workarounds for CVE-2021-40444 (Microsoft MSHTML Remote Code Execution Vulnerability):… twitter.com/i/web/status/1…	2021-09-07 18:41:42
@Attackerkb_Bot	A new #attackerkb assesment on 'CVE-2021-40444' has been created by NinjaOperator. Attacker Value: 0 \| Exploitabili… twitter.com/i/web/status/1…	2021-09-07 18:49:04
@mig30m6	msrc.microsoft.com/update-guide/v…	2021-09-07 18:54:48
@CaschysBlog	CVE-2021-40444: Microsoft gibt Sicherheitswarnung raus stadt-bremerhaven.de/cve-2021-40444…	2021-09-07 18:57:32
@satnam	Microsoft just published an out-of-band informational advisory for CVE-2021-40444, an MSHTML remote code execution… twitter.com/i/web/status/1…	2021-09-07 19:00:32
@NinjaOperator	CVE-2021-40444 twitter.com/EXPMON_/status…	2021-09-07 19:14:07
@Attackerkb_Bot	A new #attackerkb assesment on 'CVE-2021-40444' has been created by ccondon-r7. Attacker Value: 3 \| Exploitability:… twitter.com/i/web/status/1…	2021-09-07 19:14:08
@campuscodi	Identifier is CVE-2021-40444: msrc.microsoft.com/update-guide/v… No patch yet, just mitigation (disabling ActiveX execution).… twitter.com/i/web/status/1…	2021-09-07 19:17:36
@r4ankit	CVE-2021-40444, Microsoft MSHTML RCE, also known as Trident, the Internet Explorer browser engine.… twitter.com/i/web/status/1…	2021-09-07 19:37:06
@BleepinComputer	@Ionut_Ilascu The bug is tracked as CVE-2021-40444 and comes with a severity score just shy of a critical level - o… twitter.com/i/web/status/1…	2021-09-07 19:56:55
@cybersecureny	BleepinComputer: @Ionut_Ilascu The bug is tracked as CVE-2021-40444 and comes with a severity score just shy of a c… twitter.com/i/web/status/1…	2021-09-07 20:00:57
@SecurityWeek	Microsoft Office Zero-Day Hit in Targeted Attacks - securityweek.com/microsoft-offi… (CVE-2021-40444)	2021-09-07 20:03:15
@MrsYisWhy	SecurityWeek: Microsoft Office Zero-Day Hit in Targeted Attacks - securityweek.com/microsoft-offi… (CVE-2021-40444)	2021-09-07 20:09:44
@wdormann	ActiveX truly is the gift that keeps on giving! Nobody could have predicted this. Nobody. CVE-2021-40444 in MSHTML… twitter.com/i/web/status/1…	2021-09-07 20:16:59
@TheD4RKr3ap3r	Some serious sophisticated #Zero-Day campaign are live based on below #advisory msrc.microsoft.com/update-guide/v… For now, D… twitter.com/i/web/status/1…	2021-09-07 20:22:30
@securestep9	#Microsoft shares temporary fix for ongoing Office 365 #zeroday #vulnerability attacks (#CVE-2021-40444). Are you… twitter.com/i/web/status/1…	2021-09-07 20:43:42
@ericlaw	@notfabrice @wdormann The registry script in the announcement is the one you want. msrc.microsoft.com/update-guide/v…	2021-09-07 20:47:45
@ATTOGTech	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 bit.ly/3tr33EH #uscert #security	2021-09-07 20:51:08
@corq	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a…	2021-09-07 20:53:03
@CyberCaffeinate	New Microsoft vulnerability. Embedded Active X within Office Doc can lead to RCE. msrc.microsoft.com/update-guide/v…	2021-09-07 20:54:00
@buzz_sec	US-CERT - Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3DUSBdx	2021-09-07 20:54:43
@SiciliamConsult	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 bit.ly/3tr33EH #cert #security	2021-09-07 20:54:46
@Inceptus3	BOLO: Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… #InceptusSecure #UnderOurProtection	2021-09-07 20:55:39
@AcooEdi	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 dlvr.it/S7763V via @USCERT_gov	2021-09-07 20:57:31
@ADVDAT_OH	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 sl.advdat.com/3kZQbBS	2021-09-07 21:00:07
@NotTruppi	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 buff.ly/3DVWYVK #uscert #gov	2021-09-07 21:00:09
@s_adachi	#zeroday CVE-2021-40444 Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that… twitter.com/i/web/status/1…	2021-09-07 21:00:12
@Sec_Cyber	#Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a…	2021-09-07 21:00:40
@jeffreydbrown	#infosec Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3npUgCf	2021-09-07 21:00:48
@security_inside	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a…	2021-09-07 21:03:18
@ipssignatures	The vuln CVE-2021-40444 has a tweet created 0 days ago and retweeted 43 times. twitter.com/ImposeCost/sta… #pow1rtrtwwcve	2021-09-07 21:06:00
@IT_securitynews	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 itsecuritynews.info/microsoft-rele…	2021-09-07 21:06:33
@empressbat	#cybersecurity - #Microsoft#Microsoft365 #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 msrc.microsoft.com/update-guide/v…	2021-09-07 21:14:44
@demystifycyber	#cybersecurity - #Microsoft#Microsoft365 #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 msrc.microsoft.com/update-guide/v…	2021-09-07 21:15:33
@MariaRusanova88	Microsoft warns of new IE zero-day exploited in targeted Office attacks, another look on CVE-2021-40444 therecord.media/microsoft-warn…	2021-09-07 21:19:09
@gregoryfarley	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a…	2021-09-07 21:19:55
@bug_less	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3npUgCf	2021-09-07 21:26:11
@IT_securitynews	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 itsecuritynews.info/microsoft-rele…	2021-09-07 21:35:59
@d4rckh	BleepingComputer - Microsoft shares temp fix for ongoing Office 365 zero-day attacks (0Day CVE-2021-40444 ActiveX)… twitter.com/i/web/status/1…	2021-09-07 21:42:43
@CyberIQs_	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 cyberiqs.com/microsoft-rele… #infosec #infosecurity… twitter.com/i/web/status/1…	2021-09-07 21:45:54
@tukanana	MicrosoftMSHTMLリモートコード実行の脆弱性 CVE-2021-40444　0-dayとのこと。 / 1件のコメント b.hatena.ne.jp/entry?url=http… “Security Update Guide - M… twitter.com/i/web/status/1…	2021-09-07 21:48:06
@UK_Daniel_Card	CVE-2021-40444 looks fun, just don’t use a computer and ur golden ???????	2021-09-07 21:50:58
@masmasjp	今日は第二水曜日ですが「第二火曜日の翌日の水曜日」ではないのでパッチの日ではありません。……と思っていたら、何やらゼロデイが。CVE-2021-40444 とか、もう 4 万番台か～。 / Microsoft shares tem… twitter.com/i/web/status/1…	2021-09-07 21:55:14
@masart_3	ActiveXか。。。 Internet Explorer 使うのをやめろってことね。 msrc.microsoft.com/update-guide/v…	2021-09-07 21:59:41
@howtoconnect1	How to mitigate CVE-2021-40444 Vulnerability via Office in Windows 10 howto-connect.com/fix-cve-2021-4…	2021-09-07 22:00:18
@InakMali	US CISA advises users to review Microsoft's mitigations for avoiding CVE-2021-40444 zero-day vulnerability: US-CERT.	2021-09-07 22:01:11
@schestowitz	But #microsoft #backdoors for #nsa remain in tact us-cert.cisa.gov/ncas/current-a… see techrights.org/wiki/index.php…	2021-09-07 22:02:22
@omarbv	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 community.blueliv.com/#!/s/6137e2608…	2021-09-07 22:06:59
@stuart_smiles	us-cert.cisa.gov/ncas/current-a… msrc.microsoft.com/update-guide/v…	2021-09-07 22:13:17
@chriswebb18	This one seems pretty dangerous. Get ready for a surge of endpoint issues msrc.microsoft.com/update-guide/v…	2021-09-07 22:28:04
@bryanbrake	msrc.microsoft.com/update-guide/v… RCE in MSHTML, crafting a malicious ActiveX control in an MSOFFICE doc. Thanks to #R10t o… twitter.com/i/web/status/1…	2021-09-07 22:30:19
@sakerdude	The bug is tracked as CVE-2021-40444...The zero day attacks exploiting it are described as being "highly sophistica… twitter.com/i/web/status/1…	2021-09-07 22:35:59
@dscriven	Vulnerabilities in MSHTML. msrc.microsoft.com/update-guide/v…	2021-09-07 22:39:21
@Attackerkb_Bot	A new #attackerkb assesment on 'CVE-2021-40444' has been created by JunquerGJ. Attacker Value: 2 \| Exploitability: 2 attackerkb.com/assessments/2e…	2021-09-07 22:54:31
@ipssignatures	The vuln CVE-2021-40444 has a tweet created 0 days ago and retweeted 10 times. twitter.com/campuscodi/sta… #pow1rtrtwwcve	2021-09-07 23:06:00
@JSECTEAM	MSHTMLリモートコード実行脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください。 msft.it/6018XzpVg	2021-09-07 23:15:40
@InfoSecHotSpot	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 twib.in/l/p6eXq456apnA	2021-09-07 23:15:50
@EurekaBerry	MSHTMLリモートコード実行脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください。 msrc.microsoft.com/update-guide/v…	2021-09-07 23:16:52
@EXPMON_	Our system detects the Microsoft #CVE-2021-40444 #zero-day attack like this. We output the keyword "zero-day" if we… twitter.com/i/web/status/1…	2021-09-07 23:28:47
@BouncyHat	@ShadowChasing1 Might be related to msrc.microsoft.com/update-guide/v…. The JavaScript payload in side.html creates a ton of A… twitter.com/i/web/status/1…	2021-09-07 23:30:07
@moton	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 \| CISA - us-cert.cisa.gov/ncas/current-a…	2021-09-07 23:53:56
@ohhara_shiojiri	「Windowsに含まれるブラウザのレンダリングエンジンの「MSHTML」に脆弱性「CVE-2021-40444」が明らかとなったもの」	2021-09-08 00:18:46
@waiha8	“Yurika on Twitter: "MSHTMLリモートコード実行脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください… twitter.com/i/web/status/1…	2021-09-08 00:28:26
@sans_isc	Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444) #hacktivex i5c.us/d27818 https://t.co/HdIHEhuY7B	2021-09-08 00:30:07
@OrionSecLatam	Microsoft entrega arreglo temporal para la vulnerabilidad CVE-2021-40444, el problema de seguridad afecta a Windows… twitter.com/i/web/status/1…	2021-09-08 00:39:49
@tadmaddad	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 \| CISA us-cert.cisa.gov/ncas/current-a…	2021-09-08 01:02:44
@kkamegawa	MSHTMLの脆弱性、回避はいつも通りActiveXの無効化だけど今後OfficeでもWebView2が使われるようになると少しはましになるんだろうか。 msrc.microsoft.com/update-guide/v…	2021-09-08 01:02:48
@Secnewsbytes	Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 \| CISA us-cert.cisa.gov/ncas/current-a…	2021-09-08 01:04:20
@christinayiotis	“new Internet Explorer zero-day .. being abused in real-world attacks. Tracked as CVE-2021-40444 the #Vulnerability… twitter.com/i/web/status/1…	2021-09-08 01:23:11
@bug_less	Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444), (Wed, Sep 8th) ift.tt/3DOD0fs	2021-09-08 01:23:55
@aglongo	Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444), (Wed, Sep 8th) twib.in/l/48AX7kkrbpk5… twitter.com/i/web/status/1…	2021-09-08 01:32:20
/r/CaschysBlog	CVE-2021-40444: Microsoft gibt Sicherheitswarnung raus	2021-09-07 20:04:39
/r/sysadmin	CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability	2021-09-07 21:19:06
/r/sysadmin	Microsoft shares temp fix for ongoing Office 365 zero-day attacks	2021-09-07 20:56:45
/r/cybersecurity	Microsoft MSHTML Remote Code Execution Vulnerability - CVE-2021-40444	2021-09-07 20:45:02
/r/sysadmin	A heads up about CVE-2021-40444 (MSHTML Remote Code Execution Vulnerability)	2021-09-07 20:37:56
/r/vulnintel	Microsoft Windows MSHTML Remote Code Execution Vulnerability CVE-2021-40444	2021-09-07 20:33:36
/r/blueteamsec	CVE-2021-40444 is being exploited in the wild - Microsoft MSHTML Remote Code Execution Vulnerability	2021-09-08 07:16:56
/r/k12cybersecurity	MS-ISAC CYBERSECURITY ADVISORY - A Vulnerability in Microsoft MSHTML Could Allow for Remote Code Execution - PATCH: NOW	2021-09-08 13:12:02
/r/CKsTechNews	Security Update Guide - Microsoft Security Response Center CVE-2021-40444	2021-09-08 12:59:25
/r/crowdstrike	[SITUATIONAL AWARENESS] CVE-2021-40444 MSHTML Remote Code Execution	2021-09-08 14:10:21
/r/crowdstrike	CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability	2021-09-08 13:53:40
/r/sysadmin	Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far	2021-09-08 18:49:21
/r/msp	Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far	2021-09-08 18:48:53
/r/cybersecurity	Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far	2021-09-08 18:48:30
/r/sysadmin	MSHTML Vulnerability fixed? (CVE-2021-40444)	2021-09-08 19:54:48
/r/purpleteamsec	Kusto hunting query for CVE-2021-40444	2021-09-09 15:04:16
/r/purpleteamsec	Simple script to detect CVE-2021-40444 URLs using oletools	2021-09-09 13:00:06
/r/Malware	Analyzing Microsoft Zero-Day Exploit (CVE-2021-40444)	2021-09-09 17:21:12
/r/msp	Heads up: Hackers are exploiting CVE-2021-40444	2021-09-09 20:15:14
/r/SecOpsDaily	Microsoft Security 0-day CVE-2021-40444 , according to @vxunderground twitter if you wish to get a sample for your Blue team you can contact them directly [email protected]	2021-09-09 21:38:54
/r/sysadmin	Windows CVE-2021-40444 zero-day defenses bypassed as new info emerges	2021-09-09 23:15:54
/r/cybersecurity	Windows CVE-2021-40444 zero-day defenses bypassed as new info emerges	2021-09-09 23:12:29
/r/crowdstrike	New to Custom Queries - Looking for feedback on my queries hunting for CVE-2021-40444 exploitation	2021-09-10 16:08:11
/r/netsec	CVE-2021-40444 - 0day Affecting MSHTML Engine Leading to RCE via Crafted Microsoft Office or RTF File	2021-09-10 17:39:53
/r/cybersecurity	New MSWORD Vulnerability! (CVE-2021-40444)	2021-09-10 20:36:08
/r/redteamsec	Malicious docx generator to exploit CVE-2021-40444	2021-09-11 09:26:30
/r/netsec	Malicious docx generator to exploit CVE-2021-40444	2021-09-11 09:21:59
/r/blueteamsec	Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)	2021-09-11 09:49:11
/r/purpleteamsec	Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)	2021-09-11 11:33:51
/r/cybersecurity	Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)	2021-09-11 11:31:58
/r/blueteamsec	with Florian: Yara processing rules sessions 2 (FIN7 maldoc), 3 (Khepri Beacons) and 4 (CVE-2021-40444 Rule)	2021-09-11 12:47:10
/r/purpleteamsec	YARA Rule Processing Session #4 CVE-2021-40444 Rule	2021-09-11 12:06:37
/r/u/CyberGh00st	Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)	2021-09-12 06:06:03
/r/purpleteamsec	CVE-2021-40444 Analysis/Exploit	2021-09-12 17:01:15
/r/cybersecurityNZ	Heads up: Hackers are exploiting CVE-2021-40444	2021-09-12 22:46:07
/r/blueteamsec	Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444	2021-09-13 03:48:21
/r/purpleteamsec	Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444	2021-09-13 04:59:48
/r/sysadmin	More Updates and Detection Ideas for CVE-2021-40444	2021-09-13 14:06:11
/r/cybersecurity	More Updates and Detection Ideas for CVE-2021-40444	2021-09-13 14:02:34
/r/sysadmin	Is the CVE-2021-40444 workaround working? How to confirm?	2021-09-13 12:53:38
/r/programacion	Explotando Vulnerabilidad CVE-2021-40444	2021-09-13 15:08:43
/r/the_bitcoin_party	microsoft fixes windows cve-2021-40444 mshtml zero-day bug	2021-09-14 20:21:09
/r/bag_o_news	Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug	2021-09-15 07:08:09
/r/Windows10	MSHTML Vulnerability Patched?	2021-09-15 19:21:01
/r/purpleteamsec	Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability	2021-09-16 06:45:28
/r/blueteamsec	Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability	2021-09-16 06:30:08
/r/redteamsec	Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability \| Microsoft Security Blog	2021-09-16 06:18:26
/r/redteamsec	Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL	2021-09-16 09:55:43
/r/blueteamsec	CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files.	2021-09-16 10:12:03
/r/bag_o_news	GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit	2021-09-16 14:04:12
/r/SecNewsAgg	CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files.	2021-09-16 18:15:19
/r/SecNewsAgg	Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL	2021-09-16 18:47:41
/r/SecNewsAgg	CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files.	2021-09-16 18:47:39
/r/InfoSecNews	Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug	2021-09-16 20:45:41
/r/SecNewsAgg	Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL	2021-09-17 14:45:07
/r/SecNewsAgg	CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files.	2021-09-17 14:41:45
/r/SecNewsAgg	Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL	2021-09-17 15:57:04
/r/SecNewsAgg	CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files.	2021-09-17 15:53:42
/r/SecNewsAgg	Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL	2021-09-17 19:05:26
/r/blueteamsec	CVE-2021-40444 漏洞深入分析 - in-depth Chinese analysis of the vulnerability that is MSHTML	2021-09-19 07:11:10
/r/cybersecurity	You should learn JavaScript	2021-09-20 06:36:14
/r/cybersecurity	Simple Analysis Of A CVE-2021-40444 .docx Document	2021-09-21 12:14:56
/r/SecNewsAgg	Simple Analysis Of A CVE-2021-40444 .docx Document	2021-09-21 13:32:10
/r/sysadmin	Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444 Patch?	2021-09-22 15:01:14
/r/InfoSecNews	Peeking into CVE-2021-40444 \| MS Office Zero-Day Vulnerability Exploited in the Wild	2021-09-23 18:53:34
/r/cybersecurity	An XML-Obfuscated Office Document (CVE-2021-40444)	2021-09-24 03:05:37
/r/elasticsearch	Help with creating an EQL query for catching unique filetypes requested within a short period by the same source host (CVE-2021-40444)	2021-09-28 09:52:40
/r/cybersecurity	Exploiting recent patches: Zero-Day Vulnerability in MSHTML (CVE-2021-40444)	2021-09-29 13:23:56
/r/blueteamsec	FormBook Adds Latest Office 365 0-Day Vulnerability CVE-2021-40444 to Its Arsenal	2021-09-29 16:33:36
/r/u/Metmox_Inc	Exploiting recent patches: Zero-Day Vulnerability in MSHTML (CVE-2021-40444)	2021-09-30 11:27:13
/r/cybersecurity	After patching for CVE-2021-40444, do we still need the workarounds/mitgations?	2021-10-04 18:20:55
/r/cybersecurity	We are a security team with 20+ years of ethical hacking, and we've defended over 2 million attacks with Blumira. Ask Us Anything.	2021-10-18 14:49:47
/r/blueteamsec	Beware of CVE-2021-40444 Vulnerability Attack Impersonating the President of Pyongyang University of Science and Technology by a North Korean-linked hacking organization	2021-11-15 12:01:13
/r/cybersecurity	Internet Explorer vulnerability threatens Microsoft Office users	2021-11-17 13:44:27
/r/blueteamsec	North Korea-related Malicious Document Files Using CVE-2021-40444 Vulnerability	2021-11-23 14:40:12
/r/crowdstrike	Happy Cakeday, r/crowdstrike! Today you're 7	2021-11-26 04:53:17
/r/techsupport	Not sure what this is	2021-12-22 00:09:54
/r/InfoSecNews	Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware	2021-12-23 18:45:25
/r/blueteamsec	Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit	2022-01-08 19:03:36
/r/redteamsec	Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit	2022-01-08 19:38:24
/r/cybersecurity	Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit	2022-01-09 00:31:37
/r/ExploitDev	Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit	2022-01-09 05:07:46
/r/PowerShell	Twitter API output to pscustomobject	2022-01-10 18:21:49
/r/bag_o_news	Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit	2022-01-24 13:32:57
/r/crowdstrike	Office new connection server cache registry modifications	2022-06-01 17:42:46
/r/SOCPrime	CVE-2021-40444 and CVE-2022-30190 Exploit Detection: Cobalt Strike Beacon Delivered in a Cyber-Attack on Ukrainian State Bodies	2022-06-02 19:00:22