{"id":3101,"date":"2021-09-09T18:59:08","date_gmt":"2021-09-09T13:29:08","guid":{"rendered":"https:\/\/xiarch.com\/blog\/?p=3101"},"modified":"2021-09-09T18:59:13","modified_gmt":"2021-09-09T13:29:13","slug":"know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft","status":"publish","type":"post","link":"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/","title":{"rendered":"Know how Cybercriminals Exploit Windows Zero-Day Flaw: Microsoft"},"content":{"rendered":"\n<p>A reliably exploitable and dangerous bug is being abused to launch remote code execution attacks against specific targets. Microsoft has warned that threat actors are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control of PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the bug, but Microsoft has released guidance for mitigating the threat.<\/p>\n\n\n\n<p>According to the security advisory, the flaw, CVE-2021-40444, affects the \u201cMSHTML\u201d component of Internet Explorer (IE) on Windows 10 and many Windows Server versions. Internet Explorer has been slowly abandoned in favor of more recent Windows browsers like Edge, but the same vulnerable component is also used by Microsoft Office applications to render web-based content.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>How Is It Affecting More Than Office?<\/strong><\/h2>\n\n\n\n<p>Though Microsoft is still investigating the vulnerability, it could prove to reach beyond Microsoft Office documents because MSHTML is used so widely on Windows, security investigators warned. 
Even if the vulnerability does not reach beyond Office documents, its presence, and the fact that threat actors are already trying to exploit it, are disquieting enough for organizations to take urgent action, another security professional said.<\/p>\n\n\n\n<p>In practically every month of 2021 so far, Microsoft has been forced to respond to zero-day threats targeting large portions of its user base. Moreover, according to our experts was the only month so far this year that Microsoft did not release a patch to fix at least one zero-day attack in Windows or supported software.<\/p>\n\n\n\n<p>\u201cA threat actor could design a malicious ActiveX control to be utilized by a Microsoft Office document that hosts the browser translating engine,\u201d Microsoft stated. \u201cThe threat actor would then have to convince the user to launch the malicious document. Users whose accounts are set up to have fewer user rights on the system could be less affected than users who execute with administrative privileges.\u201d<\/p>\n\n\n\n<p>Microsoft has not yet released a patch for CVE-2021-40444 but states that users can mitigate the threat from this bug by disabling the installation of all ActiveX controls in Internet Explorer. Microsoft states that the vulnerability is currently being used in targeted attacks, although its advisory credits three distinct entities with reporting the bug.<\/p>\n\n\n\n<p>One of the investigators credited, EXPMON, stated on Twitter that it had reproduced the attack on the latest Office 2019 \/ Office 365 on Windows 10. \u201cThe exploit utilizes the logical flaw so the exploitation is completely decent and dangerous,\u201d EXPMON tweeted.<\/p>\n\n\n\n<p>Windows users could see an official fix for the flaw as soon as Microsoft\u2019s next scheduled monthly \u201cPatch Tuesday\u201d batch of security updates. 
This year has been one of the toughest for Windows users when it comes to so-called \u201czero-day\u201d threats, a term for vulnerabilities that are being actively exploited to break into vulnerable systems.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\"><strong>Mitigations and Workarounds<\/strong><\/h2>\n\n\n\n<p>Microsoft has offered some suggestions for organizations affected by the vulnerability, which was first found by Rick Cole of the Microsoft Security Response Center. A fix may arrive in the form of a Patch Tuesday update or an out-of-band patch, depending on what investigators find, the company said.<\/p>\n\n\n\n<p>Almost all of those zero-days involve older Microsoft technologies or those that have been retired, like IE11; Microsoft officially retired support for Microsoft Office 365 applications and services on IE11 last month. In July, Microsoft rushed out a fix for the PrintNightmare vulnerability that was present in every supported version of Windows, only to see the patch cause problems for a number of Windows users.<\/p>\n\n\n\n<div class=\"wp-block-image\"><figure class=\"aligncenter size-large\"><img decoding=\"async\" loading=\"lazy\" width=\"600\" height=\"490\" src=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Know-how-Cybercriminals-Exploit-Windows-Zero-Day-Flaw-Microsoft-image1.png\" alt=\"Know-how-Cybercriminals-Exploit-Windows-Zero-Day-Flaw-Microsoft-image1\" class=\"wp-image-3104\" srcset=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Know-how-Cybercriminals-Exploit-Windows-Zero-Day-Flaw-Microsoft-image1.png 600w, https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Know-how-Cybercriminals-Exploit-Windows-Zero-Day-Flaw-Microsoft-image1-300x245.png 300w\" sizes=\"(max-width: 600px) 100vw, 600px\" \/><\/figure><\/div>\n\n\n\n<p>On June\u2019s Patch Tuesday, Microsoft addressed six zero-day security holes. 
And of course, in March, hundreds of thousands of organizations running Microsoft Exchange email servers found those systems compromised with backdoors thanks to four zero-day flaws in Exchange.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>A reliably exploitable and dangerous bug is being abused to launch remote code execution attacks against specific targets. Microsoft has warned that threat actors are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control of PCs when users open a malicious document or visit [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":3103,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[6],"tags":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.11 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Know how Cybercriminals Exploit Windows Zero-Day Flaw: Microsoft - Xiarch Solutions Private Limited<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Know how Cybercriminals Exploit Windows Zero-Day Flaw: Microsoft - Xiarch Solutions Private Limited\" \/>\n<meta property=\"og:description\" content=\"A reliably exploitable and dangerous bug is being abused to launch remote code execution attacks against specific targets. 
Microsoft has warned that threat actors are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control of PCs when users open a malicious document or visit [&hellip;]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\" \/>\n<meta property=\"og:site_name\" content=\"Xiarch Solutions Private Limited\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/xiarch\/\" \/>\n<meta property=\"article:published_time\" content=\"2021-09-09T13:29:08+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2021-09-09T13:29:13+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/09\/Know-how-Cybercriminals-Exploit-Windows-Zero-Day-Flaw-Microsoft-featured-image.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1000\" \/>\n\t<meta property=\"og:image:height\" content=\"525\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Xiarch Security\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@xiarch\" \/>\n<meta name=\"twitter:site\" content=\"@xiarch\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Xiarch Security\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\"},\"author\":{\"name\":\"Xiarch Security\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\"},\"headline\":\"Know how Cybercriminals Exploit Windows Zero-Day Flaw: Microsoft\",\"datePublished\":\"2021-09-09T13:29:08+00:00\",\"dateModified\":\"2021-09-09T13:29:13+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\"},\"wordCount\":655,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"articleSection\":[\"Vulnerabilities\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\",\"url\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\",\"name\":\"Know how Cybercriminals Exploit Windows Zero-Day Flaw: Microsoft - Xiarch Solutions Private 
Limited\",\"isPartOf\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#website\"},\"datePublished\":\"2021-09-09T13:29:08+00:00\",\"dateModified\":\"2021-09-09T13:29:13+00:00\",\"breadcrumb\":{\"@id\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/xiarch.com\/blog\/know-how-cybercriminals-exploit-windows-zero-day-flaw-microsoft\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/xiarch.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Know how Cybercriminals Exploit Windows Zero-Day Flaw: Microsoft\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/xiarch.com\/blog\/#website\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"name\":\"Xiarch Solutions Private Limited\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/xiarch.com\/blog\/?s={search_term_string}\"},\"query-input\":\"required 
name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/xiarch.com\/blog\/#organization\",\"name\":\"Xiarch\",\"url\":\"https:\/\/xiarch.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"contentUrl\":\"https:\/\/xiarch.com\/blog\/wp-content\/uploads\/2021\/06\/xi-logo-002.png\",\"width\":300,\"height\":300,\"caption\":\"Xiarch\"},\"image\":{\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/xiarch\/\",\"https:\/\/twitter.com\/xiarch\",\"https:\/\/www.linkedin.com\/company\/xiarch\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/655d814a04eacce56942270cfdc5c59c\",\"name\":\"Xiarch Security\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/xiarch.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d33699ed91b76568586dc1ae278ea568?s=96&d=mm&r=g\",\"caption\":\"Xiarch Security\"},\"sameAs\":[\"https:\/\/xiarch.com\/blog\/\"],\"url\":\"https:\/\/xiarch.com\/blog\/author\/vector\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","_links":{"self":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3101"}],"collection":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/comments?post=3101"}],"version-history":[{"count":1,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3101\/revisions"}],"predecessor-version":[{"id":3105,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/posts\/3101\/revisions\/3105"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media\/3103"}],"wp:attachment":[{"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/media?parent=3101"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/categories?post=3101"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/xiarch.com\/blog\/wp-json\/wp\/v2\/tags?post=3101"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}