It was discovered as CVE-2021-40444, the security concern affects the Windows Server 2008 through 2019 and Windows 8.1 through 10 and has a harshness level of 8.8 out of the maximum 10. Microsoft is also aware of targeted attacks that try to exploit the vulnerability by transmitting the specially-designed Microsoft Office documents to probable victims, the company also starts an advisory recently.<\/p><\/p>\n\n\n\n
\u201cAn attacker could craft a malicious ActiveX control to be used by a Microsoft Office document that hosts the browser rendering engine. The attacker would then have to convince the user to open the malicious document\u201d \u2013 Microsoft<\/p><\/p>\n\n\n\n
However, the attack is circumventing if Microsoft Office executes with the default configuration, where documents from the web are launched in Protected View mode or Application Guard for Office 365.<\/p><\/p>\n\n\n\n
Protected View is a read-only mode that has most of the editing functions disabled, while Application Guard isolates unauthenticated documents, contradicting them to access the corporate resources, the intranet, or other files on the system. Systems with active Microsoft\u2019s Defender Antivirus and Defender for Endpoint (build 1.349.22.0 and above) benefit from protection against attempts to exploit CVE-2021-40444.<\/p><\/p>\n\n\n\n
Microsoft’s enterprise security platform will display alerts about this attack as “Suspicious Cpl File Execution.” Researchers from multiple cybersecurity companies are considered for searching and reporting the vulnerability: Haifei Li of EXPMON, Dhanesh Kizhakkinan, Bryce Abdo, and Genwei Jiang – all three of Mandiant, and Rick Cole of Microsoft Security Intelligence.<\/p><\/p>\n\n\n\n
In a tweet today, EXPMON an exploit monitor states that they discover the vulnerability after analyzing a \u201chighly sophisticated zero-day attack\u201d proposed at Microsoft Office users. EXPMON investigators copied the attack on the latest Office 2019 \/ Office 365 on Windows 10.<\/p><\/p>\n\n\n\n
![\"Microsoft-Shares-Ordinary-Fix-for-Current-Office-365-zero-day-Attacks-image1\"](\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Microsoft-Shares-Ordinary-Fix-for-Current-Office-365-zero-day-Attacks-image1.jpg\")
<\/figure><\/div>\n\n\n\nIn their revert, Haifei Li of EXPMON said that the attackers used a. DOCX file. Upon launching it, the document loaded the Internet Explorer engine to provide a remote web page from the threat actor.<\/p><\/p>\n\n\n\n
The trojan is then downloaded by utilizing a specific ActiveX control in the web page. Running the threat is done utilizing \u201ca trick called \u2018Cpl File Execution\u2019,\u201d referenced in Microsoft\u2019s advisory. The investigator told us that the attack method is fully reliable, which makes it very dangerous. He reported the vulnerability to Microsoft early Sunday morning.<\/p><\/p>\n\n\n\n
Workaround for CVE-2021-40444 zero-day Attacks<\/strong><\/h2>\n\n\n\nAs there is no security update available at this time, Microsoft has facilitated the following workaround – disable the installation of all ActiveX controls in Internet Explorer. A Windows registry update ensures that ActiveX is rendered inactive for all sites, while already available ActiveX controls will preserve the functioning.<\/p><\/p>\n\n\n\n
Users should save the file below with the.REG extension and run it to apply it to the Policy hive. After a system reboot, the new configuration should be applied. As updates are not available yet for the CVE-2021-40444, they have released the following workaround that prevents ActiveX controls from running in Internet Explorer and applications that embed the browser.<\/p><\/p>\n\n\n\n
Following are the steps to disable the ActiveX controls:<\/p><\/p>\n\n\n\n
Windows Registry Editor Version 5.00<\/p><\/p>\n\n\n\n
\n[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n<\/div><\/div>\n\n\n\n
Once you reboot your computer, ActiveX controls will be disabled in Internet Explorer.<\/p><\/p>\n\n\n\n
When Microsoft facilitates an official security update for this vulnerability, you can remove this temporary Registry fix by manually removing the created Registry keys.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"
Recently, Microsoft shared mitigation for remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. The bug is in MSHTML, the browser translation engine that is also utilized by Microsoft Office documents. Current Growing Attacks against Office 365 It was discovered as CVE-2021-40444, […]<\/p>\n","protected":false},"author":2,"featured_media":3092,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"\n
Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"Recently, Microsoft shared mitigation for remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. The bug is in MSHTML, the browser translation engine that is also utilized by Microsoft Office documents. Current Growing Attacks against Office 365 It was discovered as CVE-2021-40444, […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-08T09:46:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-09-08T09:46:58+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Microsoft-Shares-Ordinary-Fix-for-Current-Office-365-zero-day-Attacks-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks\",\"datePublished\":\"2021-09-08T09:46:56+00:00\",\"dateModified\":\"2021-09-08T09:46:58+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\"},\"wordCount\":696,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\",\"url\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\",\"name\":\"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks - Xiarch Solutions Private Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-09-08T09:46:56+00:00\",\"dateModified\":\"2021-09-08T09:46:58+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks - Xiarch Solutions Private Limited","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/","og_locale":"en_US","og_type":"article","og_title":"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks - Xiarch Solutions Private Limited","og_description":"Recently, Microsoft shared mitigation for remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. The bug is in MSHTML, the browser translation engine that is also utilized by Microsoft Office documents. Current Growing Attacks against Office 365 It was discovered as CVE-2021-40444, […]","og_url":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/","og_site_name":"Xiarch Solutions Private Limited","article_publisher":"https:\/\/www.facebook.com\/xiarch\/","article_published_time":"2021-09-08T09:46:56+00:00","article_modified_time":"2021-09-08T09:46:58+00:00","og_image":[{"width":1000,"height":525,"url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Microsoft-Shares-Ordinary-Fix-for-Current-Office-365-zero-day-Attacks-featured-image.jpg","type":"image\/jpeg"}],"author":"Xiarch Security","twitter_card":"summary_large_image","twitter_creator":"@xiarch","twitter_site":"@xiarch","twitter_misc":{"Written by":"Xiarch Security","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#article","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/"},"author":{"name":"Xiarch Security","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c"},"headline":"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks","datePublished":"2021-09-08T09:46:56+00:00","dateModified":"2021-09-08T09:46:58+00:00","mainEntityOfPage":{"@id":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/"},"wordCount":696,"commentCount":0,"publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"articleSection":["Vulnerabilities"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/","url":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/","name":"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks - Xiarch Solutions Private Limited","isPartOf":{"@id":"https:\/\/xiarch.com\/blog\/#website"},"datePublished":"2021-09-08T09:46:56+00:00","dateModified":"2021-09-08T09:46:58+00:00","breadcrumb":{"@id":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/xiarch.com\/blog\/microsoft-shares-ordinary-fix-for-current-office-365-zero-day-attacks\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/xiarch.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Microsoft Shares Ordinary Fix for Current Office 365 zero-day Attacks"}]},{"@type":"WebSite","@id":"https:\/\/xiarch.com\/blog\/#website","url":"https:\/\/xiarch.com\/blog\/","name":"Xiarch Solutions Private Limited","description":"","publisher":{"@id":"https:\/\/xiarch.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/xiarch.com\/blog\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/xiarch.com\/blog\/#organization","name":"Xiarch","url":"https:\/\/xiarch.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","contentUrl":"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png","width":300,"height":300,"caption":"Xiarch"},"image":{"@id":"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/xiarch\/","https:\/\/twitter.com\/xiarch","https:\/\/www.linkedin.com\/company\/xiarch"]},{"@type":"Person","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c","name":"Xiarch Security","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g","caption":"Xiarch Security"},"sameAs":["https:\/\/xiarch.com\/blog\/"],"url":"https:\/\/xiarch.com\/blog\/author\/vector\/"}]}},"_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3090"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=3090"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3090\/revisions"}],"predecessor-version":[{"id":3094,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3090\/revisions\/3094"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/3092"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=3090"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=3090"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=3090"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\0]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\1]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\2]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n\n\n\n
[HKEY_LOCAL_MACHINE\\SOFTWARE\\Policies\\WOW6432Node\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\Zones\\3]<\/p><\/p>\n\n\n\n
“1001”=dword:00000003<\/p><\/p>\n\n\n\n
“1004”=dword:00000003<\/p><\/p>\n<\/div><\/div>\n\n\n\n
Once you reboot your computer, ActiveX controls will be disabled in Internet Explorer.<\/p><\/p>\n\n\n\n
When Microsoft facilitates an official security update for this vulnerability, you can remove this temporary Registry fix by manually removing the created Registry keys.<\/p><\/p>\n","protected":false},"excerpt":{"rendered":"
Recently, Microsoft shared mitigation for remote code execution vulnerability in Windows that is being exploited in targeted attacks against Office 365 and Office 2019 on Windows 10. The bug is in MSHTML, the browser translation engine that is also utilized by Microsoft Office documents. Current Growing Attacks against Office 365 It was discovered as CVE-2021-40444, […]<\/p>\n","protected":false},"author":2,"featured_media":3092,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"\n