Subscribe

Microsoft Finds Remote Code Execution Vulnerability In MSHTML

September 8, 2021

Microsoft has identified a couple of attacks that target a remote code execution vulnerability in MSHTML that affects Microsoft Windows. This also prompted CISA to issue a statement asking “users and organizations to review Microsoft’s mitigations and workarounds to address the remote code execution vulnerability identified as CVE-2021-40444.”

Rick Cole of Microsoft Security Response Center, Haifei Li of EXPMON, Dhanesh Kizhakkinan, Bryce Abdo, and Genwei Jiang of Mandiant discovered the vulnerability.

The Microsoft release mentions that its Defender Antivirus and Defender for Endpoint protect against the vulnerability, so anyone who has the tools and uses automatic updates is safe from the vulnerability. The tech giant also pointed out that enterprise customers who manage updates should “select the detection build 1.349.22.0 or newer and install it across their environments.”

The notifications in Microsoft Defender are displayed as “Suspicious Cpl File Execution.”

Once the investigation is complete, Microsoft will release a security update during Patch Tuesday or in a separate out-of-cycle security update.

In addition, this version adds that Microsoft Office opens documents from the internet in Protected View or Application Guard for Office by default, both of which prevent the attack.

Microsoft recommends disabling the installation of all ActiveX controls in Internet Explorer.

The statement also gave instructions on how to disable ActiveX controls on an individual system.

For more information, read the original story in ZDNet.

Top Stories

Anthropic says AI now writes over 90% of the code behind Claude

Lenovo bets on a post-VMware world with new multi-hypervisor FX systems

Anthropic launches AI healthcare tools amid OpenAI competition

Apple taps Google’s Gemini to strengthen AI push including Siri upgrade

Canadian startup Kepler launches commercially operational optical satellites

Grok generating non-consensual sexualized images in thousands hourly, researcher finds 

Related Articles

Over 59,000 Next.js servers hacked in 48 hours in credential-theft campaign

December 30, 2025 A fast-moving cyberattack has compromised more than 59,000 internet-facing Next.js servers in less than two days after more...

NIST warns of inaccurate internet time after atomic clock disruption

December 29, 2025 The U.S. National Institute of Standards and Technology (NIST) has warned that several of its Internet Time more...

Critical LangChain flaw exposes secrets across millions of AI agent deployments

December 29, 2025 A critical security flaw has been found in LangChain, one of the most widely used frameworks for more...

Facial recognition becomes mandatory for new mobile accounts in South Korea

December 23, 2025 South Korea will require facial recognition scans to open new mobile phone accounts. The new rule is more...

Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.
Picture of TND News Desk

TND News Desk

Staff writer for Tech Newsday.

Jim Love

Jim is an author and podcast host with over 40 years in technology.

Share:
Facebook
Twitter
LinkedIn
Tech News Day is a daily publication featuring key news stories about technology and how it affects businesses.

Follow Us

X-twitter Linkedin-in

Popular categories

Tech News Delivered

New, Relevant Tech Stories. Our selection is done by industry professionals – executives like you who pick the top stories for that day. Our writers summarize them to give you the key takeaways.
Subscribe
© 2025 TECHNEWSDAY. All rights reserved.