Hackers use Internet Explorer to attack Windows 10

Microsoft has warned that attackers are exploiting a previously unknown zero-day vulnerability in Windows 10 and several versions of Windows Server. The exploit could allow malicious individuals to take control of PCs through specially crafted websites or malicious Office documents.

What is happening with this new exploit?

According to Brian Krebs, the problem lies in the MSHTML component of Internet Explorer. Unfortunately, this also affects Microsoft Office, which uses the same component to display web content in Office documents.

Microsoft is tracking the vulnerability as CVE-2021-40444, and the company has yet to release a fix for it. Instead, the company suggests disabling the installation of all ActiveX controls in Internet Explorer to mitigate the risk of attack.

While this sounds straightforward, disabling the installation of all ActiveX controls in Internet Explorer requires editing the registry, which can lead to serious problems if not done correctly. Microsoft has a guide that shows you how to do it, but follow it carefully.
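A read-only check of that mitigation, as an added example that is not from the original article or from Microsoft. It assumes the workaround is applied as machine policy values 1001 and 1004 set to 3 (disable) for Internet Explorer zones 0 through 3, which should be confirmed against Microsoft's guide.

```powershell
# Added example: audits the registry only, it changes nothing.
# Assumption: the workaround is expressed as machine policy values
# 1001 (download signed ActiveX controls) and 1004 (download unsigned
# ActiveX controls) set to 3 (disable) in security zones 0-3.
$base = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'
$zoneNames = @{ 0 = 'Local Machine'; 1 = 'Intranet'; 2 = 'Trusted Sites'; 3 = 'Internet' }
$actions = @{ '1001' = 'Download signed ActiveX'; '1004' = 'Download unsigned ActiveX' }
$disabled = 3

$results = foreach ($zone in 0..3) {
    $key = Join-Path $base "$zone"
    foreach ($action in ($actions.Keys | Sort-Object)) {
        $value = $null
        if (Test-Path $key) {
            # A missing value is reported as "not set", not as an error.
            $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
            if ($props -and ($props.PSObject.Properties.Name -contains $action)) {
                $value = $props.$action
            }
        }
        [pscustomobject]@{
            Zone      = "$zone ($($zoneNames[$zone]))"
            Action    = "$action ($($actions[$action]))"
            Value     = if ($null -eq $value) { 'not set' } else { $value }
            Mitigated = ($value -eq $disabled)
        }
    }
}

$results | Format-Table -AutoSize

# Only the machine-wide policy key is inspected; per-user settings are not.
$missing = @($results | Where-Object { -not $_.Mitigated })
if ($missing.Count -gt 0) {
    Write-Warning "$($missing.Count) of $(@($results).Count) settings are not set to disable."
} else {
    Write-Output 'ActiveX installation is disabled by policy in all four zones.'
}
```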

Microsoft wrote an article on the issue, saying, “An attacker could create a malicious ActiveX control for use by a Microsoft Office document that hosts the browser rendering engine. The attacker should then convince the user to open the malicious document. Users whose accounts are configured to have fewer user rights on the system might be less impacted than users who work with administrative user rights.”

The EXPMON research group announced that it was able to reproduce the attack. “We reproduced the attack on the latest Office 2019 / Office 365 on Windows 10 (typical user environment). For all affected versions, please read the Microsoft security advisory. The exploit uses logical flaws, so the exploitation is perfectly reliable (and dangerous),” the group said on Twitter.

We might see an official patch for the vulnerability on September 14, 2021, when Microsoft is due to release its next “Patch Tuesday” update. In the meantime, be careful and disable the installation of ActiveX controls in Internet Explorer.
