Advertisement

Microsoft issues patch for zero-day exploit that uses malicious Office files

All it would take to be infected is to open the file.

Microsoft issues patch for zero-day exploit that uses malicious Office files

Microsoft has just rolled out an update fixing 66 security vulnerabilities as part of this month's Patch Tuesday. One of them addresses a critical zero-day vulnerability that's being actively exploited by hackers using Office files containing malicious ActiveX controls. A few days ago, Microsoft issued a warning about the flaw after being notified by security researchers who discovered that bad actors are exploiting it by tricking potential victims into opening malicious Office files. Upon being opened, the file automatically launches a page on Internet Explorer, which contains an ActiveX control that downloads malware onto the victim's computer.

When Microsoft published the warning, it didn't have a fix yet and only asked users to make sure Microsoft Defender Antivirus or Microsoft Defender for Endpoint are switch on. Both programs can detect attempts to exploit the vulnerability. It also advised users to disable all ActiveX controls on Internet Explorer. The vulnerability known as CVE-2021-40444 affects Windows Servers from version 2008 and Windows 7 through 10. Security researchers proved that the exploit is 100 percent reliable, and all it would take to infect a computer is to open the file a hacker sends. Now, the new update will make sure the flaw can't be exploited anymore.

In addition to patching CVE-2021-40444, the update also fixes two other critical flaws. As The Register notes, it fixes two remote code execution vulnerabilities for Windows WLAN AutoConfig Service and Open Management Infrastructure.