New 0-Day Attack Targeting Windows Users With Microsoft Office Documents

ByPR 24
New 0-Day Attack Targeting Windows Users With Microsoft Office Documents | IT Security News

This article has been indexed from The Hacker News

Microsoft on Tuesday warned of an actively exploited zero-day flaw impacting Internet Explorer that’s being used to hijack vulnerable Windows systems by leveraging weaponized Office documents.
Tracked as CVE-2021-40444 (CVSS score: 8.8), the remote code execution flaw is rooted in MSHTML (aka Trident), a proprietary browser engine for the now-discontinued Internet Explorer and which is used in

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to “allow cookies” to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click “Accept” below then you are consenting to this.

Close


Similar Posts

NGA Picks Four States for Academy on Cybersecurity Policy – Security news

NGA Picks Four States for Academy on Cybersecurity Policy – Security news

ByPR 24

NGA Picks Four States for Academy on Cybersecurity PolicyFour states have been chosen by the National Governors Association (NGA) for its 2021 Policy Academy to Advance Whole-of-State Cybersecurity. Kansas, Missouri, Montana, and Washington have all been selected by the NGA Center for Best Practices to work directly with the NGA on cybersecurity governance, workforce development, and government partnership…

Supermicro and PulseSecure Issue Advisories on Trickboot

Supermicro and PulseSecure Issue Advisories on Trickboot

ByPR 24

Cybercrime , Endpoint Security , Fraud Management & Cybercrime Companies Report Several of Their Products Are Vulnerable Doug Olenick (DougOlenick) • March 6, 2021     Supermicro and Pulse Secure have each issued advisories this past week warning users that some of their products are vulnerable to the updated version of Trickbot malware that features…

Attacks Targeting Accellion Product Linked to FIN11 Cybercrime Group

Attacks Targeting Accellion Product Linked to FIN11 Cybercrime Group

ByPR 24

The hacking group behind the recent cyber-attack targeting Accellion’s FTA file transfer service appears to be linked to a threat actor known as FIN11, security researchers with FireEye’s Mandiant division reveal. The attacks on FTA, a soon-to-be-retired service, started in mid-December 2020 and resulted in the compromise of data pertaining to multiple Accellion customers. As…

Update Your Windows PCs to Patch 117 New Flaws, Including 9 Zero-Days

Update Your Windows PCs to Patch 117 New Flaws, Including 9 Zero-Days

ByPR 24

Microsoft rolled out Patch Tuesday updates for the month of July with fixes for a total of 117 security vulnerabilities, including nine zero-day flaws, of which four are said to be under active attacks in the wild, potentially enabling an adversary to take control of affected systems. Of the 117 issues, 13 are rated Critical,…

Kaseya Obtains Decryption Tool After REvil Ransomware Hit

Kaseya Obtains Decryption Tool After REvil Ransomware Hit

ByPR 24

Business Continuity Management / Disaster Recovery , Fraud Management & Cybercrime , Governance & Risk Management Software Vendor Said Approximately 60 MSPs and 1,500 Clients Affected by Attack Doug Olenick (DougOlenick) • July 22, 2021     Kaseya Executive Vice President Mike Sanders (Source: Kaseya) Three weeks after its software was used to facilitate a…

Microsoft could reap more than $193m in new US cyber spending – Security

Microsoft could reap more than $193m in new US cyber spending – Security

ByPR 24

Microsoft stands to receive nearly a quarter of Covid relief funds destined for US cybersecurity defenders, angering some lawmakers who don’t want to increase funding for a company whose software was recently at the heart of two big hacks. Congress allocated the funds at issue in the Covid relief bill after two enormous cyber attacks…