Update: Zero-day vulnerability in Windows exploited via manipulated Microsoft Office documents [15.09.21]
A patch for this vulnerability has now been released and should be installed promptly via Windows Update. Information about the current patchday from Mircosoft can be found here.
Do not open Microsoft Office documents from e-mail programs or the Internet where the source is not clearly trustworthy.
Background: Microsoft issued mitigations on 07/09/2021 for a zero-day vulnerability that is being exploited in targeted attacks on Office 365 and Office 2019. The vulnerability affects Microsoft MSHTML and thus the browser engine of Internet Explorer. MSHTML is also used in Office applications to render web-sourced content in Word, Excel or PowerPoint documents. For an exploit, a user is tricked into opening a malicious docx file.
MSHTML is loaded to display a web page of the attacker. A special ActiveX control within the web page is then used to download and execute the malware. The vulnerability affects Windows Server 2008 through 2019 and Windows 8.1 through 10 and has a severity score of 8.8 out of 10.
If you have any questions, please contact itsec@uni-hohenheim.de.
Do you have questions or comments about this site? contact form