CVE-2021-40444
Published on: 09/15/2021 12:00:00 AM UTC
Last Modified on: 07/12/2022 05:42:00 PM UTC
Certain versions of Windows 10 from Microsoft contain the following vulnerability:
Microsoft MSHTML Remote Code Execution Vulnerability
- CVE-2021-40444 has been assigned by
[email protected] to track the vulnerability - currently rated as HIGH severity.
CVSS3 Score: 7.8 - HIGH
Attack Vector ⓘ |
Attack Complexity |
Privileges Required |
User Interaction |
---|---|---|---|
LOCAL | LOW | NONE | REQUIRED |
Scope | Confidentiality Impact |
Integrity Impact |
Availability Impact |
UNCHANGED | HIGH | HIGH | HIGH |
CVSS2 Score: 6.8 - MEDIUM
Access Vector ⓘ |
Access Complexity |
Authentication |
---|---|---|
NETWORK | MEDIUM | NONE |
Confidentiality Impact |
Integrity Impact |
Availability Impact |
PARTIAL | PARTIAL | PARTIAL |
CVE References
Description | Tags ⓘ | Link |
---|---|---|
Microsoft Office MSDT Follina Proof Of Concept ≈ Packet Storm | packetstormsecurity.com text/html |
![]() |
Microsoft Windows MSHTML Overview ≈ Packet Storm | packetstormsecurity.com text/html |
![]() |
Microsoft Office Word MSHTML Remote Code Execution ≈ Packet Storm | packetstormsecurity.com text/html |
![]() |
Security Update Guide - Microsoft Security Response Center | portal.msrc.microsoft.com text/html |
![]() |
Related QID Numbers
- 91814 Microsoft MSHTML Remote Code Execution (RCE) Vulnerability
Exploit/POC from Github
An attempt to reproduce Microsoft MSHTML Remote Code Execution (RCE) Vulnerability and using Metasploit Framework.
Known Affected Configurations (CPE V2.3)
Type | Vendor | Product | Version | Update | Edition | Language |
---|---|---|---|---|---|---|
Operating System | Microsoft | Windows 10 | - | All | All | All |
Operating System | Microsoft | Windows 10 | 1607 | All | All | All |
Operating System | Microsoft | Windows 10 | 1809 | All | All | All |
Operating System | Microsoft | Windows 10 | 1909 | All | All | All |
Operating System | Microsoft | Windows 10 | 2004 | All | All | All |
Operating System | Microsoft | Windows 10 | 20h2 | All | All | All |
Operating System | Microsoft | Windows 10 | 21h1 | All | All | All |
Operating System | Microsoft | Windows 7 | - | sp1 | All | All |
Operating System | Microsoft | Windows 8.1 | - | All | All | All |
Operating System | Microsoft | Windows Rt 8.1 | - | All | All | All |
Operating System | Microsoft | Windows Server 2008 | - | sp2 | All | All |
Operating System | Microsoft | Windows Server 2008 | r2 | sp1 | All | All |
Operating System | Microsoft | Windows Server 2012 | - | All | All | All |
Operating System | Microsoft | Windows Server 2012 | - | r2 | All | All |
Operating System | Microsoft | Windows Server 2016 | - | All | All | All |
Operating System | Microsoft | Windows Server 2016 | 2004 | All | All | All |
Operating System | Microsoft | Windows Server 2016 | 20h2 | All | All | All |
Operating System | Microsoft | Windows Server 2019 | - | All | All | All |
Operating System | Microsoft | Windows Server 2022 | - | All | All | All |
- cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*:
- cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*:
- cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*:
- cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*:
- cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*:
No vendor comments have been submitted for this CVE
Social Mentions
Source | Title | Posted (UTC) |
---|---|---|
![]() |
Active exploitation of CVE-2021-40444. A bug that seems to allow attackers to execute activex from office docs? Pot… twitter.com/i/web/status/1… | 2021-09-07 18:26:31 |
![]() |
CVE-2021-40444 - Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using special… twitter.com/i/web/status/1… | 2021-09-07 18:36:55 |
![]() |
Mitigations and workarounds for CVE-2021-40444 (Microsoft MSHTML Remote Code Execution Vulnerability):… twitter.com/i/web/status/1… | 2021-09-07 18:41:42 |
![]() |
A new #attackerkb assesment on 'CVE-2021-40444' has been created by NinjaOperator. Attacker Value: 0 | Exploitabili… twitter.com/i/web/status/1… | 2021-09-07 18:49:04 |
![]() |
msrc.microsoft.com/update-guide/v… | 2021-09-07 18:54:48 |
![]() |
CVE-2021-40444: Microsoft gibt Sicherheitswarnung raus stadt-bremerhaven.de/cve-2021-40444… | 2021-09-07 18:57:32 |
![]() |
Microsoft just published an out-of-band informational advisory for CVE-2021-40444, an MSHTML remote code execution… twitter.com/i/web/status/1… | 2021-09-07 19:00:32 |
![]() |
CVE-2021-40444 twitter.com/EXPMON_/status… | 2021-09-07 19:14:07 |
![]() |
A new #attackerkb assesment on 'CVE-2021-40444' has been created by ccondon-r7. Attacker Value: 3 | Exploitability:… twitter.com/i/web/status/1… | 2021-09-07 19:14:08 |
![]() |
Identifier is CVE-2021-40444: msrc.microsoft.com/update-guide/v… No patch yet, just mitigation (disabling ActiveX execution).… twitter.com/i/web/status/1… | 2021-09-07 19:17:36 |
![]() |
CVE-2021-40444, Microsoft MSHTML RCE, also known as Trident, the Internet Explorer browser engine.… twitter.com/i/web/status/1… | 2021-09-07 19:37:06 |
![]() |
@Ionut_Ilascu The bug is tracked as CVE-2021-40444 and comes with a severity score just shy of a critical level - o… twitter.com/i/web/status/1… | 2021-09-07 19:56:55 |
![]() |
BleepinComputer: @Ionut_Ilascu The bug is tracked as CVE-2021-40444 and comes with a severity score just shy of a c… twitter.com/i/web/status/1… | 2021-09-07 20:00:57 |
![]() |
Microsoft Office Zero-Day Hit in Targeted Attacks - securityweek.com/microsoft-offi… (CVE-2021-40444) | 2021-09-07 20:03:15 |
![]() |
SecurityWeek: Microsoft Office Zero-Day Hit in Targeted Attacks - securityweek.com/microsoft-offi… (CVE-2021-40444) | 2021-09-07 20:09:44 |
![]() |
ActiveX truly is the gift that keeps on giving! Nobody could have predicted this. Nobody. CVE-2021-40444 in MSHTML… twitter.com/i/web/status/1… | 2021-09-07 20:16:59 |
![]() |
Some serious sophisticated #Zero-Day campaign are live based on below #advisory msrc.microsoft.com/update-guide/v… For now, D… twitter.com/i/web/status/1… | 2021-09-07 20:22:30 |
![]() |
#Microsoft shares temporary fix for ongoing Office 365 #zeroday #vulnerability attacks (#CVE-2021-40444). Are you… twitter.com/i/web/status/1… | 2021-09-07 20:43:42 |
![]() |
@notfabrice @wdormann The registry script in the announcement is the one you want. msrc.microsoft.com/update-guide/v… | 2021-09-07 20:47:45 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 bit.ly/3tr33EH #uscert #security | 2021-09-07 20:51:08 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… | 2021-09-07 20:53:03 |
![]() |
New Microsoft vulnerability. Embedded Active X within Office Doc can lead to RCE. msrc.microsoft.com/update-guide/v… | 2021-09-07 20:54:00 |
![]() |
US-CERT - Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3DUSBdx | 2021-09-07 20:54:43 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 bit.ly/3tr33EH #cert #security | 2021-09-07 20:54:46 |
![]() |
BOLO: Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… #InceptusSecure #UnderOurProtection | 2021-09-07 20:55:39 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 dlvr.it/S7763V via @USCERT_gov | 2021-09-07 20:57:31 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 sl.advdat.com/3kZQbBS | 2021-09-07 21:00:07 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 buff.ly/3DVWYVK #uscert #gov | 2021-09-07 21:00:09 |
![]() |
#zeroday CVE-2021-40444 Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that… twitter.com/i/web/status/1… | 2021-09-07 21:00:12 |
![]() |
#Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… | 2021-09-07 21:00:40 |
![]() |
#infosec Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3npUgCf | 2021-09-07 21:00:48 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… | 2021-09-07 21:03:18 |
![]() |
The vuln CVE-2021-40444 has a tweet created 0 days ago and retweeted 43 times. twitter.com/ImposeCost/sta… #pow1rtrtwwcve | 2021-09-07 21:06:00 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 itsecuritynews.info/microsoft-rele… | 2021-09-07 21:06:33 |
![]() |
#cybersecurity - #Microsoft#Microsoft365 #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 msrc.microsoft.com/update-guide/v… | 2021-09-07 21:14:44 |
![]() |
#cybersecurity - #Microsoft#Microsoft365 #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 msrc.microsoft.com/update-guide/v… | 2021-09-07 21:15:33 |
![]() |
Microsoft warns of new IE zero-day exploited in targeted Office attacks, another look on CVE-2021-40444 therecord.media/microsoft-warn… | 2021-09-07 21:19:09 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… | 2021-09-07 21:19:55 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3npUgCf | 2021-09-07 21:26:11 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 itsecuritynews.info/microsoft-rele… | 2021-09-07 21:35:59 |
![]() |
BleepingComputer - Microsoft shares temp fix for ongoing Office 365 zero-day attacks (0Day CVE-2021-40444 ActiveX)… twitter.com/i/web/status/1… | 2021-09-07 21:42:43 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 cyberiqs.com/microsoft-rele… #infosec #infosecurity… twitter.com/i/web/status/1… | 2021-09-07 21:45:54 |
![]() |
MicrosoftMSHTMLリモートコード実行の脆弱性 CVE-2021-40444 0-dayとのこと。 / 1件のコメント b.hatena.ne.jp/entry?url=http… “Security Update Guide - M… twitter.com/i/web/status/1… | 2021-09-07 21:48:06 |
![]() |
CVE-2021-40444 looks fun, just don’t use a computer and ur golden ??????? | 2021-09-07 21:50:58 |
![]() |
今日は第二水曜日ですが「第二火曜日の翌日の水曜日」ではないのでパッチの日ではありません。……と思っていたら、何やらゼロデイが。CVE-2021-40444 とか、もう 4 万番台か~。 / Microsoft shares tem… twitter.com/i/web/status/1… | 2021-09-07 21:55:14 |
![]() |
ActiveXか。。。 Internet Explorer 使うのをやめろってことね。 msrc.microsoft.com/update-guide/v… | 2021-09-07 21:59:41 |
![]() |
How to mitigate CVE-2021-40444 Vulnerability via Office in Windows 10 howto-connect.com/fix-cve-2021-4… | 2021-09-07 22:00:18 |
![]() |
US CISA advises users to review Microsoft's mitigations for avoiding CVE-2021-40444 zero-day vulnerability: US-CERT. | 2021-09-07 22:01:11 |
![]() |
But #microsoft #backdoors for #nsa remain in tact us-cert.cisa.gov/ncas/current-a… see techrights.org/wiki/index.php… | 2021-09-07 22:02:22 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 community.blueliv.com/#!/s/6137e2608… | 2021-09-07 22:06:59 |
![]() |
us-cert.cisa.gov/ncas/current-a… msrc.microsoft.com/update-guide/v… | 2021-09-07 22:13:17 |
![]() |
This one seems pretty dangerous. Get ready for a surge of endpoint issues msrc.microsoft.com/update-guide/v… | 2021-09-07 22:28:04 |
![]() |
msrc.microsoft.com/update-guide/v… RCE in MSHTML, crafting a malicious ActiveX control in an MSOFFICE doc. Thanks to #R10t o… twitter.com/i/web/status/1… | 2021-09-07 22:30:19 |
![]() |
The bug is tracked as CVE-2021-40444...The zero day attacks exploiting it are described as being "highly sophistica… twitter.com/i/web/status/1… | 2021-09-07 22:35:59 |
![]() |
Vulnerabilities in MSHTML. msrc.microsoft.com/update-guide/v… | 2021-09-07 22:39:21 |
![]() |
A new #attackerkb assesment on 'CVE-2021-40444' has been created by JunquerGJ. Attacker Value: 2 | Exploitability: 2 attackerkb.com/assessments/2e… | 2021-09-07 22:54:31 |
![]() |
The vuln CVE-2021-40444 has a tweet created 0 days ago and retweeted 10 times. twitter.com/campuscodi/sta… #pow1rtrtwwcve | 2021-09-07 23:06:00 |
![]() |
MSHTMLリモートコード実行 脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください。 msft.it/6018XzpVg | 2021-09-07 23:15:40 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 twib.in/l/p6eXq456apnA | 2021-09-07 23:15:50 |
![]() |
MSHTMLリモートコード実行 脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください。 msrc.microsoft.com/update-guide/v… | 2021-09-07 23:16:52 |
![]() |
Our system detects the Microsoft #CVE-2021-40444 #zero-day attack like this. We output the keyword "zero-day" if we… twitter.com/i/web/status/1… | 2021-09-07 23:28:47 |
![]() |
@ShadowChasing1 Might be related to msrc.microsoft.com/update-guide/v…. The JavaScript payload in side.html creates a ton of A… twitter.com/i/web/status/1… | 2021-09-07 23:30:07 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 | CISA - us-cert.cisa.gov/ncas/current-a… | 2021-09-07 23:53:56 |
![]() |
「Windowsに含まれるブラウザのレンダリングエンジンの「MSHTML」に脆弱性「CVE-2021-40444」が明らかとなったもの」 | 2021-09-08 00:18:46 |
![]() |
“Yurika on Twitter: "MSHTMLリモートコード実行 脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください… twitter.com/i/web/status/1… | 2021-09-08 00:28:26 |
![]() |
Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444) #hacktivex i5c.us/d27818 https://t.co/HdIHEhuY7B | 2021-09-08 00:30:07 |
![]() |
Microsoft entrega arreglo temporal para la vulnerabilidad CVE-2021-40444, el problema de seguridad afecta a Windows… twitter.com/i/web/status/1… | 2021-09-08 00:39:49 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 | CISA us-cert.cisa.gov/ncas/current-a… | 2021-09-08 01:02:44 |
![]() |
MSHTMLの脆弱性、回避はいつも通りActiveXの無効化だけど今後OfficeでもWebView2が使われるようになると少しはましになるんだろうか。 msrc.microsoft.com/update-guide/v… | 2021-09-08 01:02:48 |
![]() |
Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 | CISA us-cert.cisa.gov/ncas/current-a… | 2021-09-08 01:04:20 |
![]() |
“new Internet Explorer zero-day .. being abused in real-world attacks. Tracked as CVE-2021-40444 the #Vulnerability… twitter.com/i/web/status/1… | 2021-09-08 01:23:11 |
![]() |
Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444), (Wed, Sep 8th) ift.tt/3DOD0fs | 2021-09-08 01:23:55 |
![]() |
Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444), (Wed, Sep 8th) twib.in/l/48AX7kkrbpk5… twitter.com/i/web/status/1… | 2021-09-08 01:32:20 |
![]() |
CVE-2021-40444: Microsoft gibt Sicherheitswarnung raus | 2021-09-07 20:04:39 |
![]() |
CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability | 2021-09-07 21:19:06 |
![]() |
Microsoft shares temp fix for ongoing Office 365 zero-day attacks | 2021-09-07 20:56:45 |
![]() |
Microsoft MSHTML Remote Code Execution Vulnerability - CVE-2021-40444 | 2021-09-07 20:45:02 |
![]() |
A heads up about CVE-2021-40444 (MSHTML Remote Code Execution Vulnerability) | 2021-09-07 20:37:56 |
![]() |
Microsoft Windows MSHTML Remote Code Execution Vulnerability CVE-2021-40444 | 2021-09-07 20:33:36 |
![]() |
CVE-2021-40444 is being exploited in the wild - Microsoft MSHTML Remote Code Execution Vulnerability | 2021-09-08 07:16:56 |
![]() |
MS-ISAC CYBERSECURITY ADVISORY - A Vulnerability in Microsoft MSHTML Could Allow for Remote Code Execution - PATCH: NOW | 2021-09-08 13:12:02 |
![]() |
Security Update Guide - Microsoft Security Response Center CVE-2021-40444 | 2021-09-08 12:59:25 |
![]() |
[SITUATIONAL AWARENESS] CVE-2021-40444 MSHTML Remote Code Execution | 2021-09-08 14:10:21 |
![]() |
CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability | 2021-09-08 13:53:40 |
![]() |
Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far | 2021-09-08 18:49:21 |
![]() |
Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far | 2021-09-08 18:48:53 |
![]() |
Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far | 2021-09-08 18:48:30 |
![]() |
MSHTML Vulnerability fixed? (CVE-2021-40444) | 2021-09-08 19:54:48 |
![]() |
Kusto hunting query for CVE-2021-40444 | 2021-09-09 15:04:16 |
![]() |
Simple script to detect CVE-2021-40444 URLs using oletools | 2021-09-09 13:00:06 |
![]() |
Analyzing Microsoft Zero-Day Exploit (CVE-2021-40444) | 2021-09-09 17:21:12 |
![]() |
Heads up: Hackers are exploiting CVE-2021-40444 | 2021-09-09 20:15:14 |
![]() |
Microsoft Security 0-day CVE-2021-40444 , according to @vxunderground twitter if you wish to get a sample for your Blue team you can contact them directly [email protected] | 2021-09-09 21:38:54 |
![]() |
Windows CVE-2021-40444 zero-day defenses bypassed as new info emerges | 2021-09-09 23:15:54 |
![]() |
Windows CVE-2021-40444 zero-day defenses bypassed as new info emerges | 2021-09-09 23:12:29 |
![]() |
New to Custom Queries - Looking for feedback on my queries hunting for CVE-2021-40444 exploitation | 2021-09-10 16:08:11 |
![]() |
CVE-2021-40444 - 0day Affecting MSHTML Engine Leading to RCE via Crafted Microsoft Office or RTF File | 2021-09-10 17:39:53 |
![]() |
New MSWORD Vulnerability! (CVE-2021-40444) | 2021-09-10 20:36:08 |
![]() |
Malicious docx generator to exploit CVE-2021-40444 | 2021-09-11 09:26:30 |
![]() |
Malicious docx generator to exploit CVE-2021-40444 | 2021-09-11 09:21:59 |
![]() |
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) | 2021-09-11 09:49:11 |
![]() |
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) | 2021-09-11 11:33:51 |
![]() |
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) | 2021-09-11 11:31:58 |
![]() |
with Florian: Yara processing rules sessions 2 (FIN7 maldoc), 3 (Khepri Beacons) and 4 (CVE-2021-40444 Rule) | 2021-09-11 12:47:10 |
![]() |
YARA Rule Processing Session #4 CVE-2021-40444 Rule | 2021-09-11 12:06:37 |
![]() |
Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) | 2021-09-12 06:06:03 |
![]() |
CVE-2021-40444 Analysis/Exploit | 2021-09-12 17:01:15 |
![]() |
Heads up: Hackers are exploiting CVE-2021-40444 | 2021-09-12 22:46:07 |
![]() |
Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444 | 2021-09-13 03:48:21 |
![]() |
Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444 | 2021-09-13 04:59:48 |
![]() |
More Updates and Detection Ideas for CVE-2021-40444 | 2021-09-13 14:06:11 |
![]() |
More Updates and Detection Ideas for CVE-2021-40444 | 2021-09-13 14:02:34 |
![]() |
Is the CVE-2021-40444 workaround working? How to confirm? | 2021-09-13 12:53:38 |
![]() |
Explotando Vulnerabilidad CVE-2021-40444 | 2021-09-13 15:08:43 |
![]() |
microsoft fixes windows cve-2021-40444 mshtml zero-day bug | 2021-09-14 20:21:09 |
![]() |
Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug | 2021-09-15 07:08:09 |
![]() |
MSHTML Vulnerability Patched? | 2021-09-15 19:21:01 |
![]() |
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability | 2021-09-16 06:45:28 |
![]() |
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability | 2021-09-16 06:30:08 |
![]() |
Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability | Microsoft Security Blog | 2021-09-16 06:18:26 |
![]() |
Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL | 2021-09-16 09:55:43 |
![]() |
CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. | 2021-09-16 10:12:03 |
![]() |
GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit | 2021-09-16 14:04:12 |
![]() |
CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. | 2021-09-16 18:15:19 |
![]() |
Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL | 2021-09-16 18:47:41 |
![]() |
CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. | 2021-09-16 18:47:39 |
![]() |
Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug | 2021-09-16 20:45:41 |
![]() |
Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL | 2021-09-17 14:45:07 |
![]() |
CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. | 2021-09-17 14:41:45 |
![]() |
Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL | 2021-09-17 15:57:04 |
![]() |
CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. | 2021-09-17 15:53:42 |
![]() |
Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL | 2021-09-17 19:05:26 |
![]() |
CVE-2021-40444 漏洞深入分析 - in-depth Chinese analysis of the vulnerability that is MSHTML | 2021-09-19 07:11:10 |
![]() |
You should learn JavaScript | 2021-09-20 06:36:14 |
![]() |
Simple Analysis Of A CVE-2021-40444 .docx Document | 2021-09-21 12:14:56 |
![]() |
Simple Analysis Of A CVE-2021-40444 .docx Document | 2021-09-21 13:32:10 |
![]() |
Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444 Patch? | 2021-09-22 15:01:14 |
![]() |
Peeking into CVE-2021-40444 | MS Office Zero-Day Vulnerability Exploited in the Wild | 2021-09-23 18:53:34 |
![]() |
An XML-Obfuscated Office Document (CVE-2021-40444) | 2021-09-24 03:05:37 |
![]() |
Help with creating an EQL query for catching unique filetypes requested within a short period by the same source host (CVE-2021-40444) | 2021-09-28 09:52:40 |
![]() |
Exploiting recent patches: Zero-Day Vulnerability in MSHTML (CVE-2021-40444) | 2021-09-29 13:23:56 |
![]() |
FormBook Adds Latest Office 365 0-Day Vulnerability CVE-2021-40444 to Its Arsenal | 2021-09-29 16:33:36 |
![]() |
Exploiting recent patches: Zero-Day Vulnerability in MSHTML (CVE-2021-40444) | 2021-09-30 11:27:13 |
![]() |
After patching for CVE-2021-40444, do we still need the workarounds/mitgations? | 2021-10-04 18:20:55 |
![]() |
We are a security team with 20+ years of ethical hacking, and we've defended over 2 million attacks with Blumira. Ask Us Anything. | 2021-10-18 14:49:47 |
![]() |
Beware of CVE-2021-40444 Vulnerability Attack Impersonating the President of Pyongyang University of Science and Technology by a North Korean-linked hacking organization | 2021-11-15 12:01:13 |
![]() |
Internet Explorer vulnerability threatens Microsoft Office users | 2021-11-17 13:44:27 |
![]() |
North Korea-related Malicious Document Files Using CVE-2021-40444 Vulnerability | 2021-11-23 14:40:12 |
![]() |
Happy Cakeday, r/crowdstrike! Today you're 7 | 2021-11-26 04:53:17 |
![]() |
Not sure what this is | 2021-12-22 00:09:54 |
![]() |
Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware | 2021-12-23 18:45:25 |
![]() |
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit | 2022-01-08 19:03:36 |
![]() |
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit | 2022-01-08 19:38:24 |
![]() |
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit | 2022-01-09 00:31:37 |
![]() |
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit | 2022-01-09 05:07:46 |
![]() |
Twitter API output to pscustomobject | 2022-01-10 18:21:49 |
![]() |
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit | 2022-01-24 13:32:57 |
![]() |
Office new connection server cache registry modifications | 2022-06-01 17:42:46 |
![]() |
CVE-2021-40444 and CVE-2022-30190 Exploit Detection: Cobalt Strike Beacon Delivered in a Cyber-Attack on Ukrainian State Bodies | 2022-06-02 19:00:22 |