CVE-2021-40444

Published on: 09/15/2021 12:00:00 AM UTC

Last Modified on: 09/24/2021 06:43:00 PM UTC

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Certain versions of Windows 10 from Microsoft contain the following vulnerability:

Microsoft MSHTML Remote Code Execution Vulnerability

  • CVE-2021-40444 has been assigned by URL Logo [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.8 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
LOCAL LOW NONE REQUIRED
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED HIGH HIGH HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK MEDIUM NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
PARTIAL PARTIAL PARTIAL

CVE References

Description Tags Link
Microsoft Windows MSHTML Overview ≈ Packet Storm packetstormsecurity.com
text/html
URL Logo MISC packetstormsecurity.com/files/164210/Microsoft-Windows-MSHTML-Overview.html
Security Update Guide - Microsoft Security Response Center portal.msrc.microsoft.com
text/html
URL Logo MISC portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40444

Related QID Numbers

  • 91814 Microsoft MSHTML Remote Code Execution (RCE) Vulnerability

Exploit/POC from Github

Malicious document builder for CVE-2021-40444

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
Operating
System
MicrosoftWindows 10-AllAllAll
Operating
System
MicrosoftWindows 101607AllAllAll
Operating
System
MicrosoftWindows 101809AllAllAll
Operating
System
MicrosoftWindows 101909AllAllAll
Operating
System
MicrosoftWindows 102004AllAllAll
Operating
System
MicrosoftWindows 1020h2AllAllAll
Operating
System
MicrosoftWindows 1021h1AllAllAll
Operating
System
MicrosoftWindows 7-sp1AllAll
Operating
System
MicrosoftWindows 8.1-AllAllAll
Operating
System
MicrosoftWindows Rt 8.1-AllAllAll
Operating
System
MicrosoftWindows Server 2008-sp2AllAll
Operating
System
MicrosoftWindows Server 2008r2sp1AllAll
Operating
System
MicrosoftWindows Server 2012-AllAllAll
Operating
System
MicrosoftWindows Server 2012-r2AllAll
Operating
System
MicrosoftWindows Server 2016-AllAllAll
Operating
System
MicrosoftWindows Server 20162004AllAllAll
Operating
System
MicrosoftWindows Server 201620h2AllAllAll
Operating
System
MicrosoftWindows Server 2019-AllAllAll
Operating
System
MicrosoftWindows Server 2022-AllAllAll
  • cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:1607:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:1909:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:2004:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:20h2:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_10:21h1:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:-:*:-:*:
  • cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:-:*:-:*:
  • cpe:2.3:o:microsoft:windows_rt_8.1:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:x64:*:
  • cpe:2.3:o:microsoft:windows_server_2012:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2012:-:r2:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2016:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2016:2004:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2016:20h2:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*:
  • cpe:2.3:o:microsoft:windows_server_2022:-:*:*:*:*:*:*:*:

Social Mentions

Source Title Posted (UTC)
Twitter Icon @Francisckrs Active exploitation of CVE-2021-40444. A bug that seems to allow attackers to execute activex from office docs? Pot… twitter.com/i/web/status/1… 2021-09-07 18:26:31
Twitter Icon @ImposeCost CVE-2021-40444 - Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using special… twitter.com/i/web/status/1… 2021-09-07 18:36:55
Twitter Icon @MalwareRE Mitigations and workarounds for CVE-2021-40444 (Microsoft MSHTML Remote Code Execution Vulnerability):… twitter.com/i/web/status/1… 2021-09-07 18:41:42
Twitter Icon @Attackerkb_Bot A new #attackerkb assesment on 'CVE-2021-40444' has been created by NinjaOperator. Attacker Value: 0 | Exploitabili… twitter.com/i/web/status/1… 2021-09-07 18:49:04
Twitter Icon @mig30m6 msrc.microsoft.com/update-guide/v… 2021-09-07 18:54:48
Twitter Icon @CaschysBlog CVE-2021-40444: Microsoft gibt Sicherheitswarnung raus stadt-bremerhaven.de/cve-2021-40444… 2021-09-07 18:57:32
Twitter Icon @satnam Microsoft just published an out-of-band informational advisory for CVE-2021-40444, an MSHTML remote code execution… twitter.com/i/web/status/1… 2021-09-07 19:00:32
Twitter Icon @NinjaOperator CVE-2021-40444 twitter.com/EXPMON_/status… 2021-09-07 19:14:07
Twitter Icon @Attackerkb_Bot A new #attackerkb assesment on 'CVE-2021-40444' has been created by ccondon-r7. Attacker Value: 3 | Exploitability:… twitter.com/i/web/status/1… 2021-09-07 19:14:08
Twitter Icon @campuscodi Identifier is CVE-2021-40444: msrc.microsoft.com/update-guide/v… No patch yet, just mitigation (disabling ActiveX execution).… twitter.com/i/web/status/1… 2021-09-07 19:17:36
Twitter Icon @r4ankit CVE-2021-40444, Microsoft MSHTML RCE, also known as Trident, the Internet Explorer browser engine.… twitter.com/i/web/status/1… 2021-09-07 19:37:06
Twitter Icon @BleepinComputer @Ionut_Ilascu The bug is tracked as CVE-2021-40444 and comes with a severity score just shy of a critical level - o… twitter.com/i/web/status/1… 2021-09-07 19:56:55
Twitter Icon @cybersecureny BleepinComputer: @Ionut_Ilascu The bug is tracked as CVE-2021-40444 and comes with a severity score just shy of a c… twitter.com/i/web/status/1… 2021-09-07 20:00:57
Twitter Icon @SecurityWeek Microsoft Office Zero-Day Hit in Targeted Attacks - securityweek.com/microsoft-offi… (CVE-2021-40444) 2021-09-07 20:03:15
Twitter Icon @MrsYisWhy SecurityWeek: Microsoft Office Zero-Day Hit in Targeted Attacks - securityweek.com/microsoft-offi… (CVE-2021-40444) 2021-09-07 20:09:44
Twitter Icon @wdormann ActiveX truly is the gift that keeps on giving! Nobody could have predicted this. Nobody. CVE-2021-40444 in MSHTML… twitter.com/i/web/status/1… 2021-09-07 20:16:59
Twitter Icon @TheD4RKr3ap3r Some serious sophisticated #Zero-Day campaign are live based on below #advisory msrc.microsoft.com/update-guide/v… For now, D… twitter.com/i/web/status/1… 2021-09-07 20:22:30
Twitter Icon @securestep9 #Microsoft shares temporary fix for ongoing Office 365 #zeroday #vulnerability attacks (#CVE-2021-40444). Are you… twitter.com/i/web/status/1… 2021-09-07 20:43:42
Twitter Icon @ericlaw @notfabrice @wdormann The registry script in the announcement is the one you want. msrc.microsoft.com/update-guide/v… 2021-09-07 20:47:45
Twitter Icon @ATTOGTech Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 bit.ly/3tr33EH #uscert #security 2021-09-07 20:51:08
Twitter Icon @corq Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… 2021-09-07 20:53:03
Twitter Icon @CyberCaffeinate New Microsoft vulnerability. Embedded Active X within Office Doc can lead to RCE. msrc.microsoft.com/update-guide/v… 2021-09-07 20:54:00
Twitter Icon @buzz_sec US-CERT - Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3DUSBdx 2021-09-07 20:54:43
Twitter Icon @SiciliamConsult Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 bit.ly/3tr33EH #cert #security 2021-09-07 20:54:46
Twitter Icon @Inceptus3 BOLO: Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… #InceptusSecure #UnderOurProtection 2021-09-07 20:55:39
Twitter Icon @AcooEdi Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 dlvr.it/S7763V via @USCERT_gov 2021-09-07 20:57:31
Twitter Icon @ADVDAT_OH Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 sl.advdat.com/3kZQbBS 2021-09-07 21:00:07
Twitter Icon @NotTruppi Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 buff.ly/3DVWYVK #uscert #gov 2021-09-07 21:00:09
Twitter Icon @s_adachi #zeroday CVE-2021-40444 Microsoft is investigating reports of a remote code execution vulnerability in MSHTML that… twitter.com/i/web/status/1… 2021-09-07 21:00:12
Twitter Icon @Sec_Cyber #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… 2021-09-07 21:00:40
Twitter Icon @jeffreydbrown #infosec Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3npUgCf 2021-09-07 21:00:48
Twitter Icon @security_inside Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… 2021-09-07 21:03:18
Twitter Icon @ipssignatures The vuln CVE-2021-40444 has a tweet created 0 days ago and retweeted 43 times. twitter.com/ImposeCost/sta… #pow1rtrtwwcve 2021-09-07 21:06:00
Twitter Icon @IT_securitynews Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 itsecuritynews.info/microsoft-rele… 2021-09-07 21:06:33
Twitter Icon @empressbat #cybersecurity - #Microsoft#Microsoft365 #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 msrc.microsoft.com/update-guide/v… 2021-09-07 21:14:44
Twitter Icon @demystifycyber #cybersecurity - #Microsoft#Microsoft365 #Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 msrc.microsoft.com/update-guide/v… 2021-09-07 21:15:33
Twitter Icon @MariaRusanova88 Microsoft warns of new IE zero-day exploited in targeted Office attacks, another look on CVE-2021-40444 therecord.media/microsoft-warn… 2021-09-07 21:19:09
Twitter Icon @gregoryfarley Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 us-cert.cisa.gov/ncas/current-a… 2021-09-07 21:19:55
Twitter Icon @bug_less Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 ift.tt/3npUgCf 2021-09-07 21:26:11
Twitter Icon @IT_securitynews Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 itsecuritynews.info/microsoft-rele… 2021-09-07 21:35:59
Twitter Icon @d4rckh BleepingComputer - Microsoft shares temp fix for ongoing Office 365 zero-day attacks (0Day CVE-2021-40444 ActiveX)… twitter.com/i/web/status/1… 2021-09-07 21:42:43
Twitter Icon @CyberIQs_ Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 cyberiqs.com/microsoft-rele… #infosec #infosecurity… twitter.com/i/web/status/1… 2021-09-07 21:45:54
Twitter Icon @tukanana MicrosoftMSHTMLリモートコード実行の脆弱性 CVE-2021-40444 0-dayとのこと。 / 1件のコメント b.hatena.ne.jp/entry?url=http… “Security Update Guide - M… twitter.com/i/web/status/1… 2021-09-07 21:48:06
Twitter Icon @UK_Daniel_Card CVE-2021-40444 looks fun, just don’t use a computer and ur golden ??????? 2021-09-07 21:50:58
Twitter Icon @masmasjp 今日は第二水曜日ですが「第二火曜日の翌日の水曜日」ではないのでパッチの日ではありません。……と思っていたら、何やらゼロデイが。CVE-2021-40444 とか、もう 4 万番台か~。 / Microsoft shares tem… twitter.com/i/web/status/1… 2021-09-07 21:55:14
Twitter Icon @masart_3 ActiveXか。。。 Internet Explorer 使うのをやめろってことね。 msrc.microsoft.com/update-guide/v… 2021-09-07 21:59:41
Twitter Icon @howtoconnect1 How to mitigate CVE-2021-40444 Vulnerability via Office in Windows 10 howto-connect.com/fix-cve-2021-4… 2021-09-07 22:00:18
Twitter Icon @InakMali US CISA advises users to review Microsoft's mitigations for avoiding CVE-2021-40444 zero-day vulnerability: US-CERT. 2021-09-07 22:01:11
Twitter Icon @schestowitz But #microsoft #backdoors for #nsa remain in tact us-cert.cisa.gov/ncas/current-a… see techrights.org/wiki/index.php… 2021-09-07 22:02:22
Twitter Icon @omarbv Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 community.blueliv.com/#!/s/6137e2608… 2021-09-07 22:06:59
Twitter Icon @stuart_smiles us-cert.cisa.gov/ncas/current-a… msrc.microsoft.com/update-guide/v… 2021-09-07 22:13:17
Twitter Icon @chriswebb18 This one seems pretty dangerous. Get ready for a surge of endpoint issues msrc.microsoft.com/update-guide/v… 2021-09-07 22:28:04
Twitter Icon @bryanbrake msrc.microsoft.com/update-guide/v… RCE in MSHTML, crafting a malicious ActiveX control in an MSOFFICE doc. Thanks to #R10t o… twitter.com/i/web/status/1… 2021-09-07 22:30:19
Twitter Icon @sakerdude The bug is tracked as CVE-2021-40444...The zero day attacks exploiting it are described as being "highly sophistica… twitter.com/i/web/status/1… 2021-09-07 22:35:59
Twitter Icon @dscriven Vulnerabilities in MSHTML. msrc.microsoft.com/update-guide/v… 2021-09-07 22:39:21
Twitter Icon @Attackerkb_Bot A new #attackerkb assesment on 'CVE-2021-40444' has been created by JunquerGJ. Attacker Value: 2 | Exploitability: 2 attackerkb.com/assessments/2e… 2021-09-07 22:54:31
Twitter Icon @ipssignatures The vuln CVE-2021-40444 has a tweet created 0 days ago and retweeted 10 times. twitter.com/campuscodi/sta… #pow1rtrtwwcve 2021-09-07 23:06:00
Twitter Icon @JSECTEAM MSHTMLリモートコード実行 脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください。 msft.it/6018XzpVg 2021-09-07 23:15:40
Twitter Icon @InfoSecHotSpot Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 twib.in/l/p6eXq456apnA 2021-09-07 23:15:50
Twitter Icon @EurekaBerry MSHTMLリモートコード実行 脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください。 msrc.microsoft.com/update-guide/v… 2021-09-07 23:16:52
Twitter Icon @EXPMON_ Our system detects the Microsoft #CVE-2021-40444 #zero-day attack like this. We output the keyword "zero-day" if we… twitter.com/i/web/status/1… 2021-09-07 23:28:47
Twitter Icon @BouncyHat @ShadowChasing1 Might be related to msrc.microsoft.com/update-guide/v…. The JavaScript payload in side.html creates a ton of A… twitter.com/i/web/status/1… 2021-09-07 23:30:07
Twitter Icon @moton Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 | CISA - us-cert.cisa.gov/ncas/current-a… 2021-09-07 23:53:56
Twitter Icon @ohhara_shiojiri 「Windowsに含まれるブラウザのレンダリングエンジンの「MSHTML」に脆弱性「CVE-2021-40444」が明らかとなったもの」 2021-09-08 00:18:46
Twitter Icon @waiha8 “Yurika on Twitter: "MSHTMLリモートコード実行 脆弱性 (CVE-2021-40444)を定例外で公開しました。限定的な攻撃を確認しています。緩和策のガイダンスをご参照頂きシステムの保護を検討してください… twitter.com/i/web/status/1… 2021-09-08 00:28:26
Twitter Icon @sans_isc Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444) #hacktivex i5c.us/d27818 https://t.co/HdIHEhuY7B 2021-09-08 00:30:07
Twitter Icon @OrionSecLatam Microsoft entrega arreglo temporal para la vulnerabilidad CVE-2021-40444, el problema de seguridad afecta a Windows… twitter.com/i/web/status/1… 2021-09-08 00:39:49
Twitter Icon @tadmaddad Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 | CISA us-cert.cisa.gov/ncas/current-a… 2021-09-08 01:02:44
Twitter Icon @kkamegawa MSHTMLの脆弱性、回避はいつも通りActiveXの無効化だけど今後OfficeでもWebView2が使われるようになると少しはましになるんだろうか。 msrc.microsoft.com/update-guide/v… 2021-09-08 01:02:48
Twitter Icon @Secnewsbytes Microsoft Releases Mitigations and Workarounds for CVE-2021-40444 | CISA us-cert.cisa.gov/ncas/current-a… 2021-09-08 01:04:20
Twitter Icon @christinayiotis “new Internet Explorer zero-day .. being abused in real-world attacks. Tracked as CVE-2021-40444 the #Vulnerability… twitter.com/i/web/status/1… 2021-09-08 01:23:11
Twitter Icon @bug_less Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444), (Wed, Sep 8th) ift.tt/3DOD0fs 2021-09-08 01:23:55
Twitter Icon @aglongo Microsoft Offers Workaround for 0-Day Office Vulnerability (CVE-2021-40444), (Wed, Sep 8th) twib.in/l/48AX7kkrbpk5twitter.com/i/web/status/1… 2021-09-08 01:32:20
Reddit Logo Icon /r/CaschysBlog CVE-2021-40444: Microsoft gibt Sicherheitswarnung raus 2021-09-07 20:04:39
Reddit Logo Icon /r/sysadmin CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability 2021-09-07 21:19:06
Reddit Logo Icon /r/sysadmin Microsoft shares temp fix for ongoing Office 365 zero-day attacks 2021-09-07 20:56:45
Reddit Logo Icon /r/cybersecurity Microsoft MSHTML Remote Code Execution Vulnerability - CVE-2021-40444 2021-09-07 20:45:02
Reddit Logo Icon /r/sysadmin A heads up about CVE-2021-40444 (MSHTML Remote Code Execution Vulnerability) 2021-09-07 20:37:56
Reddit Logo Icon /r/vulnintel Microsoft Windows MSHTML Remote Code Execution Vulnerability CVE-2021-40444 2021-09-07 20:33:36
Reddit Logo Icon /r/blueteamsec CVE-2021-40444 is being exploited in the wild - Microsoft MSHTML Remote Code Execution Vulnerability 2021-09-08 07:16:56
Reddit Logo Icon /r/k12cybersecurity MS-ISAC CYBERSECURITY ADVISORY - A Vulnerability in Microsoft MSHTML Could Allow for Remote Code Execution - PATCH: NOW 2021-09-08 13:12:02
Reddit Logo Icon /r/CKsTechNews Security Update Guide - Microsoft Security Response Center CVE-2021-40444 2021-09-08 12:59:25
Reddit Logo Icon /r/crowdstrike [SITUATIONAL AWARENESS] CVE-2021-40444 MSHTML Remote Code Execution 2021-09-08 14:10:21
Reddit Logo Icon /r/crowdstrike CVE-2021-40444 - Microsoft MSHTML Remote Code Execution Vulnerability 2021-09-08 13:53:40
Reddit Logo Icon /r/sysadmin Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far 2021-09-08 18:49:21
Reddit Logo Icon /r/msp Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far 2021-09-08 18:48:53
Reddit Logo Icon /r/cybersecurity Microsoft MSHTML CVE-2021-40444 Zero-Day: What We Know So Far 2021-09-08 18:48:30
Reddit Logo Icon /r/sysadmin MSHTML Vulnerability fixed? (CVE-2021-40444) 2021-09-08 19:54:48
Reddit Logo Icon /r/purpleteamsec Kusto hunting query for CVE-2021-40444 2021-09-09 15:04:16
Reddit Logo Icon /r/purpleteamsec Simple script to detect CVE-2021-40444 URLs using oletools 2021-09-09 13:00:06
Reddit Logo Icon /r/Malware Analyzing Microsoft Zero-Day Exploit (CVE-2021-40444) 2021-09-09 17:21:12
Reddit Logo Icon /r/msp Heads up: Hackers are exploiting CVE-2021-40444 2021-09-09 20:15:14
Reddit Logo Icon /r/SecOpsDaily Microsoft Security 0-day CVE-2021-40444 , according to @vxunderground twitter if you wish to get a sample for your Blue team you can contact them directly [email protected] 2021-09-09 21:38:54
Reddit Logo Icon /r/sysadmin Windows CVE-2021-40444 zero-day defenses bypassed as new info emerges 2021-09-09 23:15:54
Reddit Logo Icon /r/cybersecurity Windows CVE-2021-40444 zero-day defenses bypassed as new info emerges 2021-09-09 23:12:29
Reddit Logo Icon /r/crowdstrike New to Custom Queries - Looking for feedback on my queries hunting for CVE-2021-40444 exploitation 2021-09-10 16:08:11
Reddit Logo Icon /r/netsec CVE-2021-40444 - 0day Affecting MSHTML Engine Leading to RCE via Crafted Microsoft Office or RTF File 2021-09-10 17:39:53
Reddit Logo Icon /r/cybersecurity New MSWORD Vulnerability! (CVE-2021-40444) 2021-09-10 20:36:08
Reddit Logo Icon /r/redteamsec Malicious docx generator to exploit CVE-2021-40444 2021-09-11 09:26:30
Reddit Logo Icon /r/netsec Malicious docx generator to exploit CVE-2021-40444 2021-09-11 09:21:59
Reddit Logo Icon /r/blueteamsec Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) 2021-09-11 09:49:11
Reddit Logo Icon /r/purpleteamsec Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) 2021-09-11 11:33:51
Reddit Logo Icon /r/cybersecurity Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) 2021-09-11 11:31:58
Reddit Logo Icon /r/blueteamsec with Florian: Yara processing rules sessions 2 (FIN7 maldoc), 3 (Khepri Beacons) and 4 (CVE-2021-40444 Rule) 2021-09-11 12:47:10
Reddit Logo Icon /r/purpleteamsec YARA Rule Processing Session #4 CVE-2021-40444 Rule 2021-09-11 12:06:37
Reddit Logo Icon /r/u/CyberGh00st Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) 2021-09-12 06:06:03
Reddit Logo Icon /r/purpleteamsec CVE-2021-40444 Analysis/Exploit 2021-09-12 17:01:15
Reddit Logo Icon /r/cybersecurityNZ Heads up: Hackers are exploiting CVE-2021-40444 2021-09-12 22:46:07
Reddit Logo Icon /r/blueteamsec Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444 2021-09-13 03:48:21
Reddit Logo Icon /r/purpleteamsec Mapping and Pivoting from Cobalt Strike C2 Infrastructure Attributed to CVE-2021-40444 2021-09-13 04:59:48
Reddit Logo Icon /r/sysadmin More Updates and Detection Ideas for CVE-2021-40444 2021-09-13 14:06:11
Reddit Logo Icon /r/cybersecurity More Updates and Detection Ideas for CVE-2021-40444 2021-09-13 14:02:34
Reddit Logo Icon /r/sysadmin Is the CVE-2021-40444 workaround working? How to confirm? 2021-09-13 12:53:38
Reddit Logo Icon /r/programacion Explotando Vulnerabilidad CVE-2021-40444 2021-09-13 15:08:43
Reddit Logo Icon /r/the_bitcoin_party microsoft fixes windows cve-2021-40444 mshtml zero-day bug 2021-09-14 20:21:09
Reddit Logo Icon /r/bag_o_news Microsoft fixes Windows CVE-2021-40444 MSHTML zero-day bug 2021-09-15 07:08:09
Reddit Logo Icon /r/Windows10 MSHTML Vulnerability Patched? 2021-09-15 19:21:01
Reddit Logo Icon /r/purpleteamsec Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability 2021-09-16 06:45:28
Reddit Logo Icon /r/blueteamsec Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability 2021-09-16 06:30:08
Reddit Logo Icon /r/redteamsec Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability | Microsoft Security Blog 2021-09-16 06:18:26
Reddit Logo Icon /r/redteamsec Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL 2021-09-16 09:55:43
Reddit Logo Icon /r/blueteamsec CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. 2021-09-16 10:12:03
Reddit Logo Icon /r/bag_o_news GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit 2021-09-16 14:04:12
Reddit Logo Icon /r/SecNewsAgg CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. 2021-09-16 18:15:19
Reddit Logo Icon /r/SecNewsAgg Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL 2021-09-16 18:47:41
Reddit Logo Icon /r/SecNewsAgg CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. 2021-09-16 18:47:39
Reddit Logo Icon /r/InfoSecNews Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug 2021-09-16 20:45:41
Reddit Logo Icon /r/SecNewsAgg Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL 2021-09-17 14:45:07
Reddit Logo Icon /r/SecNewsAgg CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. 2021-09-17 14:41:45
Reddit Logo Icon /r/SecNewsAgg Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL 2021-09-17 15:57:04
Reddit Logo Icon /r/SecNewsAgg CVE-2021-40444 (MSHTML) - Fully Weaponized Microsoft Office Word RCE Exploit - Malicious docx generator and works with arbitrary DLL files. 2021-09-17 15:53:42
Reddit Logo Icon /r/SecNewsAgg Fully Weaponized CVE-2021-40444: Malicious docx generator using arbitrary DLL 2021-09-17 19:05:26
Reddit Logo Icon /r/blueteamsec CVE-2021-40444 漏洞深入分析 - in-depth Chinese analysis of the vulnerability that is MSHTML 2021-09-19 07:11:10
Reddit Logo Icon /r/cybersecurity You should learn JavaScript 2021-09-20 06:36:14
Reddit Logo Icon /r/cybersecurity Simple Analysis Of A CVE-2021-40444 .docx Document 2021-09-21 12:14:56
Reddit Logo Icon /r/SecNewsAgg Simple Analysis Of A CVE-2021-40444 .docx Document 2021-09-21 13:32:10
Reddit Logo Icon /r/sysadmin Microsoft MSHTML Remote Code Execution Vulnerability CVE-2021-40444 Patch? 2021-09-22 15:01:14
Reddit Logo Icon /r/InfoSecNews Peeking into CVE-2021-40444 | MS Office Zero-Day Vulnerability Exploited in the Wild 2021-09-23 18:53:34
Reddit Logo Icon /r/cybersecurity An XML-Obfuscated Office Document (CVE-2021-40444) 2021-09-24 03:05:37
Reddit Logo Icon /r/elasticsearch Help with creating an EQL query for catching unique filetypes requested within a short period by the same source host (CVE-2021-40444) 2021-09-28 09:52:40
© CVE.report 2021 Twitter Nitter Twitter Viewer |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report