REDLEGG BLOG

Emergency Vulnerability Bulletin

9/10/21 1:21 PM  |  by RedLegg Blog

Microsoft MSHTML Remote Code Execution Vulnerability

Identifier: CVE-2021-40444

Exploit or POC: Yes

Update: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

Description: CVE-2021-40444 allows an attacker to remotely execute code on a host via the vulnerable MSHTML component. This vulnerability is being actively exploited and used to install Cobalt Strike payloads on vulnerable hosts.

Mitigation recommendation: RedLegg recommends patching this vulnerability as soon as possible. Microsoft has offered alternative mitigation steps if patching is not possible at this time: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444
