Australia markets closed
  • ALL ORDS

    7,702.90
    -56.90 (-0.73%)
     
  • ASX 200

    7,403.70
    -56.50 (-0.76%)
     
  • AUD/USD

    0.7268
    -0.0027 (-0.37%)
     
  • OIL

    71.96
    -0.65 (-0.90%)
     
  • GOLD

    1,753.90
    -2.80 (-0.16%)
     
  • BTC-AUD

    65,949.11
    +637.66 (+0.98%)
     
  • CMC Crypto 200

    1,193.48
    -32.05 (-2.62%)
     
  • AUD/EUR

    0.6195
    +0.0002 (+0.03%)
     
  • AUD/NZD

    1.0318
    +0.0013 (+0.13%)
     
  • NZX 50

    13,234.55
    +155.04 (+1.19%)
     
  • NASDAQ

    15,333.47
    -182.44 (-1.18%)
     
  • FTSE

    6,963.64
    -63.84 (-0.91%)
     
  • Dow Jones

    34,584.88
    -166.44 (-0.48%)
     
  • DAX

    15,490.17
    -161.58 (-1.03%)
     
  • Hang Seng

    24,920.76
    +252.91 (+1.03%)
     
  • NIKKEI 225

    30,500.05
    +176.71 (+0.58%)
     

Microsoft issues Windows attack warning that uses malicious Office files

·Associate Editor
·1-min read

Attackers are actively exploiting a Microsoft remote code execution vulnerability using malicious Office files, the tech giant has warned. The vulnerability known as CVE-2021-40444 affects Windows Servers from version 2008 and Windows 7 through 10. What attackers are doing is sending potential victims an Office file and tricking them into opening it. That file automatically opens Internet Explorer to load the bad actor's web page, which has an ActiveX control that downloads malware onto the victim's computer.

Several security researchers reported the zero-day attacks to Microsoft. One of them, Haifei Li of EXPMON, told BleepingComputer that the method is 100 percent reliable — all it would take to infect a system is for the victim to open the malicious file. In Li's case, the attack they came across used a .DOCX document. Microsoft has yet to roll out a security patch for the vulnerability, but it has published mitigation methods to prevent infection. 

The tech giant says Microsoft Defender Antivirus and Microsoft Defender for Endpoint can both detect the vulnerability and prevent infection, so users need to keep them updated and running. Further, it advises disabling all ActiveX controls in Internet Explorer to render it inactive for all websites. Microsoft's security warning contains information how to do that, which involves updating IE's registry and rebooting the computer.

Our goal is to create a safe and engaging place for users to connect over interests and passions. In order to improve our community experience, we are temporarily suspending article commenting