InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,219.96
(
-0.05%
)
US TECH 100
17,726.40
(
0.25%
)
Dow Jones
39,447.95
(
-0.16%
)
Brent Oil
82.83
(
0.54%
)
Bitcoin
62,985.56
(
2.50%
)
Post# of 6432
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Keep Next 10 Report Keyboard Shortcuts
Next 10 Prev Next

DiscoverGold

Send PM Follow Ignore
Followers 680
Posts 141245
Boards Moderated 36
Alias Born 03/10/2004

DiscoverGold

Re: None

Wednesday, 09/08/2021 9:52:44 AM

Wednesday, September 08, 2021 9:52:44 AM

Post# of 6432
Microsoft issues Windows attack warning that uses malicious Office files
By: Mariella Moon | September 8, 2021

Attackers are actively exploiting a Microsoft remote code execution vulnerability using malicious Office files, the tech giant has warned. The vulnerability known as CVE-2021-40444 affects Windows Servers from version 2008 and Windows 7 through 10. What attackers are doing is sending potential victims an Office file and tricking them into opening it. That file automatically opens Internet Explorer to load the bad actor's web page, which has an ActiveX control that downloads malware onto the victim's computer.

Several security researchers reported the zero-day attacks to Microsoft. One of them, Haifei Li of EXPMON, told BleepingComputer that the method is 100 percent reliable — all it would take to infect a system is for the victim to open the malicious file. In Li's case, the attack they came across used a .DOCX document. Microsoft has yet to roll out a security patch for the vulnerability, but it has published mitigation methods to prevent infection.

The tech giant says Microsoft Defender Antivirus and Microsoft Defender for Endpoint can both detect the vulnerability and prevent infection, so users need to keep them updated and running. Further, it advises disabling all ActiveX controls in Internet Explorer to render it inactive for all websites. Microsoft's security warning contains information how to do that, which involves updating IE's registry and rebooting the computer.

Read Full Story »»»

DiscoverGold

Information posted to this board is not meant to suggest any specific action, but to point out the technical signs that can help our readers make their own specific decisions. Caveat emptor!
• DiscoverGold

Public Reply Private Reply New Post
Keep Last Read
Keep Last Read Next 10 Report Keyboard Shortcuts
Next 10 Prev Next
Volume:
Day Range:
Bid:
Ask:
Last Trade Time:
Total Trades:
  • 1D
  • 1M
  • 3M
  • 6M
  • 1Y
  • 5Y
Detailed Quote
Recent MSFT News
More MSFT News
InvestorsHub NewsWire

Avant Technologies Equipping AI-Managed Data Center with High Performance Computing Systems AVAI May 10, 2024 8:00 AM

VAYK Discloses Strategic Conversation on Potential Acquisition of $4 Million Home Service Business VAYK May 9, 2024 9:00 AM

Bantec's Howco Awarded $4.19 Million Dollar U.S. Department of Defense Contract BANT May 8, 2024 10:00 AM

Element79 Gold Corp Successfully Closes Maverick Springs Option Agreement ELEM May 8, 2024 9:05 AM

Kona Gold Beverages, Inc. Achieves April Revenues Exceeding $586,000 KGKG May 8, 2024 8:30 AM

Epazz plans to spin off Galaxy Batteries Inc. EPAZ May 8, 2024 7:05 AM

Start posting your company's news
Only $200 per official company press release!