Microsoft has released mitigations and workarounds to address a remote code execution vulnerability (CVE-2021-40444) in Microsoft Windows. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. This vulnerability has been detected in exploits in the wild.

CISA encourages users and administrators to review [Microsoft’s advisory](<https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444 >) and to implement the mitigations and workarounds.

This product is provided subject to this Notification and this Privacy & Use policy.

Please share your thoughts.

We recently updated our anonymous product survey; we’d welcome your feedback.

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2021-40444

trendmicroblog 2

threatpost 6

githubexploit 29

thn 11

prion 1

nvd 1

checkpoint_advisories 1

metasploit 1

cisa_kev 1

trellix 10

malwarebytes 5

mscve 1

krebs 2

nessus 8

kitploit 1

securelist 6

packetstorm 2

avleonov 2

ics 2

cvelist 1

mmpc 2

rapid7blog 2

talosblog 1

zdt 1

attackerkb 2

kaspersky 2

mssecure 2

cve 1

hivepro 2

cnvd 1

pentestpartners 1

mskb 13

googleprojectzero 2

openvas 7

qualysblog 3

trendmicroblog

Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs

2021-09-09 00:00:00

FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal

2021-09-29 00:00:00

threatpost

Microsoft MSHTML Flaw Exploited by Ryuk Ransomware Gang

2021-09-17 12:07:59

Microsoft, CISA Urge Mitigations for Zero-Day RCE Flaw in Windows

2021-09-08 12:24:51

Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops

2022-03-18 14:49:01

githubexploit

Exploit for Path Traversal in Microsoft

2021-09-14 20:32:28

Exploit for Vulnerability in Microsoft

2021-09-11 05:31:52

Exploit for Vulnerability in Microsoft

2021-09-08 08:32:40

thn

Hackers Exploited MSHTML Flaw to Spy on Government and Defense Targets

2022-01-25 14:04:00

Windows MSHTML 0-Day Exploited to Deploy Cobalt Strike Beacon in Targeted Attacks

2021-09-16 07:19:00

Watch Out! Researchers Spot New Microsoft Office Zero-Day Exploit in the Wild

2022-05-30 09:40:00

prion

Remote code execution

2021-09-15 12:15:00

nvd

CVE-2021-40444

2021-09-15 12:15:16

checkpoint_advisories

Microsoft Internet Explorer MSHTML Remote Code Execution (CVE-2021-40444)

2021-09-09 00:00:00

metasploit

Microsoft Office Word Malicious MSHTML RCE

2021-11-09 11:18:58

cisa_kev

Microsoft MSHTML Remote Code Execution Vulnerability

2021-11-03 00:00:00

trellix

Prime Minister’s Office Compromised: Details of Recent Espionage Campaign

2022-01-25 00:00:00

Trellix Global Defenders: Defending against Cyber Espionage Campaigns – Operation Graphite

2022-06-20 00:00:00

Trellix Global Defenders: Defending against Cyber Espionage Campaigns – Operation Graphite

2022-06-20 00:00:00

malwarebytes

MSHTML attack targets Russian state rocket centre and interior ministry

2021-09-22 19:16:56

[updated] Windows MSHTML zero-day actively exploited, mitigations required

2021-09-08 11:04:07

Meet Exotic Lily, access broker for ransomware and other malware peddlers

2022-03-18 22:58:48

mscve

Microsoft MSHTML Remote Code Execution Vulnerability

2021-09-07 07:00:00

krebs

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

2021-09-08 15:03:45

Microsoft Patch Tuesday, September 2021 Edition

2021-09-14 21:00:42

nessus

Security Updates for Internet Explorer (September 2021)

2021-09-14 00:00:00

Security Updates for Microsoft Internet Explorer OOB (Sept 2021) (deprecated)

2021-09-10 00:00:00

KB5005569: Windows 10 version 1507 LTS September 2021 Security Update

2021-09-14 00:00:00

kitploit

CVE-2021-40444 PoC - Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)

2021-09-16 13:13:00

securelist

Exploitation of the CVE-2021-40444 vulnerability in MSHTML

2021-09-16 15:30:57

CVE-2022-30190 (Follina) vulnerability in MSDT: description and counteraction

2022-06-06 08:00:02

IT threat evolution Q3 2021

2021-11-26 12:00:36

packetstorm

Microsoft Office Word MSHTML Remote Code Execution

2021-12-09 00:00:00

Microsoft Office MSDT Follina Proof Of Concept

2022-05-31 00:00:00

avleonov

PHDays 11: towards the Independence Era

2022-06-11 00:46:58

Security News: Microsoft Patch Tuesday September 2021, OMIGOD, MSHTML RCE, Confluence RCE, Ghostscript RCE, FORCEDENTRY Pegasus

2021-09-18 23:22:00

ics

2021 Top Malware Strains

2022-08-25 12:00:00

2021 Top Routinely Exploited Vulnerabilities

2022-04-28 12:00:00

cvelist

CVE-2021-40444 Microsoft MSHTML Remote Code Execution Vulnerability

2021-09-15 11:24:26

mmpc

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

2021-09-15 23:40:56

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

2022-05-09 13:00:00

rapid7blog

Metasploit Wrap-Up

2021-12-10 21:36:13

Patch Tuesday - September 2021

2021-09-15 03:44:31

talosblog

Threat Source newsletter (March 9, 2023) — Stop freaking out about ChatGPT

2023-03-09 19:00:12

zdt

Microsoft Office Word MSHTML Remote Code Execution Exploit

2021-12-09 00:00:00

attackerkb

CVE-2021-40444

2021-09-15 00:00:00

CVE-2022-30190

2022-06-01 00:00:00

kaspersky

KLA12278 RCE vulnerability in Microsoft Products (ESU)

2021-09-07 00:00:00

KLA12277 RCE vulnerability in Microsoft Windows

2021-09-07 00:00:00

mssecure

Analyzing attacks that exploit the CVE-2021-40444 MSHTML vulnerability

2021-09-15 23:40:56

Ransomware-as-a-service: Understanding the cybercrime gig economy and how to protect yourself

2022-05-09 13:00:00

cve

CVE-2021-40444

2021-09-15 12:15:16

hivepro

New Threat Actor Exotic Lily acting as Initial Access Broker for Conti and Diavol ransomware group

2022-03-21 05:34:00

Weekly Threat Digest: 14 – 20 March 2022

2022-03-23 04:17:40

cnvd

Microsoft MSHTML Remote Code Execution Vulnerability

2021-09-08 00:00:00

pentestpartners

Follina 0day exploit. Malicious code execution in Office docs

2022-06-01 05:38:30

mskb

KB5019958: Cumulative security update for Internet Explorer: November 8, 2022

2022-11-08 08:00:00

KB5005563: Cumulative security update for Internet Explorer: September 14, 2021

2021-09-07 07:00:00

September 14, 2021—KB5005606 (Monthly Rollup)

2021-09-14 07:00:00

googleprojectzero

2022 0-day In-the-Wild Exploitation…so far

2022-06-30 00:00:00

The More You Know, The More You Know You Don’t Know

2022-04-19 00:00:00

openvas

Microsoft Windows Multiple Vulnerabilities (KB5005613)

2021-09-15 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5005633)

2021-09-15 00:00:00

Microsoft Windows Multiple Vulnerabilities (KB5005573)

2021-09-15 00:00:00

qualysblog

Microsoft and Adobe Patch Tuesday (September 2021) – Microsoft 60 Vulnerabilities with 3 Critical, Adobe 61 Vulnerabilities

2021-09-14 18:56:17

Qualys Response to CISA Alert: Binding Operational Directive 22-01

2021-11-09 06:15:01

Managing CISA Known Exploited Vulnerabilities with Qualys VMDR

2022-02-23 05:39:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

0.968 High

EPSS

Percentile

99.7%

JSON

Related for CISA:C70D91615E3DC8B589B493118D474566