Microsoft releases a zero-day patch that uses Office-type files


Microsoft just sat there he muttered updates repair 66 safety threats as part of this month’s Patch Tuesday. One of them is responding to a zero-day malicious problem that is being exploited by hackers who use Office files with malicious ActiveX controls. A few days ago, Microsoft he issued a warning about the error after being notified by security investigators who discovered that the perpetrators were using it to recruit potential victims to open the Office’s malicious files. Once opened, the file simply launches a page on Internet Explorer, which has the power of ActiveX downloading malware on the victim’s computer.

When Microsoft published the warning, it was unprepared but simply asked users to make sure that Microsoft Defender Antivirus or Microsoft Defender for Endpoint has changed. Both programs are able to detect risk-taking attempts. It also advised users to disable all ActiveX controls in Internet Explorer. The threats known as CVE-2021-40444 affect Windows Servers from version 2008 and Windows 7 to 10. Security analysts have confirmed that the detection is 100% reliable, and all that would require a computer to crash is to open a file that hackers send. Now, the new update will ensure that the error can no longer be used.

In addition to clearing CVE-2021-40444, these modifications also correct two other major errors. As Registration documentation, solves two remote installation problems for Windows WLAN AutoConfig Service and Open Management Infrastructure.

All sales selected by Engadget are selected by our publishing team, independent of our parent company. Some of our articles include helpful links. If you purchase one of these links, we will be able to make a donation.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *