• Welcome to the world's largest Chinese hacker forum

    Welcome to the world's largest Chinese hacker forum, our forum registration is open! You can now register for technical communication with us, this is a free and open to the world of the BBS, we founded the purpose for the study of network security, please don't release business of black/grey, or on the BBS posts, to seek help hacker if violations, we will permanently frozen your IP and account, thank you for your cooperation. Hacker attack and defense cracking or network Security

    business please click here: Creation Security  From CNHACKTEAM

CVE-2021-40444:Windows MSHTML 0day

This Wind

Recommended Posts

研究人员发现Windows MSHTML 0day漏洞利用,微软发布预防措施。

近日,多个安全研究人员向微软分别报告了MSHTML中的一个0 day远程代码执行漏洞。并发现了该漏洞的在野利用攻击活动。

MSHTML是Windows中用来渲染web页面的软件组件。虽然主要与IE相关,但也用于其他版本,包括Skype、Outlook、Visual Studio等。


研究人员在MSHTML中发现的0 day漏洞CVE编号为CVE-2021-40444,cvss评分为8.8分。由于MSHTML 是IE的核心之一,该漏洞也存在于IE浏览器中。攻击依赖于受害者打开一个恶意office文件时,MSHTML加载一个精心伪造的ActiveX控件。加载的ActiveX 控件可以运行任意代码来感染系统。所以攻击者需要诱使受害者打开恶意文档。由于没有发布补丁,关于漏洞的更多技术细节尚未公开。



◼通过注册表禁用所有ActiveX 控件的安装。之前安装的ActiveX 控件仍然可以运行,但是不会再新增控件。禁用ActiveX 控件的方式如下,复制一下内容到文本文件中,并保存为.reg文件扩展:

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\0] "1001"=dword:00000003 "1004"=dword:00000003   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\1] "1001"=dword:00000003 "1004"=dword:00000003   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\2] "1001"=dword:00000003 "1004"=dword:00000003   [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3] "1001"=dword:00000003 "1004"=dword:00000003




Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now