QID 91814

Date Published: 2021-09-08

QID 91814: Microsoft MSHTML Remote Code Execution (RCE) Vulnerability

Remote Code Execution vulnerability in MSHTML that affects Microsoft Windows. Microsoft is aware of targeted attacks that attempt to exploit this vulnerability by using specially-crafted Microsoft Office documents.

The KB Articles associated with the update:
KB5005573
KB5005568
KB5005566
KB5005565
KB5005569
KB5005633
KB5005563
KB5005613
KB5005627
KB5005606
KB5005623
KB5005575

This QID checks for the file version of ntoskrnl.exe and mshtml.dll

The following versions of ntoskrnl.exe and mshtml.dllwith their corresponding KBs are verified:
KB5005573
KB5005568
KB5005566
KB5005565
KB5005569
KB5005633
KB5005563
KB5005613
KB5005627
KB5005606
KB5005623
KB5005575

An attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

  • CVSS V3 rated as Critical - 8.8 severity.
  • CVSS V2 rated as Critical - 10 severity.
  • CVEs related to QID 91814

    Software Advisories
    Advisory ID Software Component Link
    KB5005563 URL Logo support.microsoft.com/en-in/help/5005563
    KB5005565 URL Logo support.microsoft.com/en-in/help/5005565
    KB5005566 URL Logo support.microsoft.com/en-in/help/5005566
    KB5005568 URL Logo support.microsoft.com/en-in/help/5005568
    KB5005569 URL Logo support.microsoft.com/en-in/help/5005569
    KB5005573 URL Logo support.microsoft.com/en-in/help/5005573
    KB5005575 URL Logo support.microsoft.com/en-in/help/5005575
    KB5005606 URL Logo support.microsoft.com/en-in/help/5005606
    KB5005613 URL Logo support.microsoft.com/en-in/help/5005613
    KB5005623 URL Logo support.microsoft.com/en-in/help/5005623
    KB5005627 URL Logo support.microsoft.com/en-in/help/5005627
    KB5005633 URL Logo support.microsoft.com/en-in/help/5005633