lswcap
On September 7 (local time), Microsoft released a warning about a zero-day attack using Microsoft Office documents on Windows. Due to a vulnerability known as CVE-2021-40444, when an attacker-provided office document is opened, Internet Explorer creates a malicious ActiveX control and becomes infected with malicious code. Affected are Windows Server, Windows 7, and Windows 10 since 2008, with a severe level score of 8.8 out of 10.
Microsoft has not yet released a patch for this vulnerability, but Microsoft Defender Antivirus and Microsoft Defender for Endpoint are able to detect the attack and prevent infection. In this case, it is said that a warning is displayed as a suspicious Cpl file execution.
Another workaround is to disable all ActiveX controls in Internet Explorer and disable ActiveX on all websites. The Microsoft security warning also describes how to manipulate the registry. For several years, Microsoft has been pushing the edge transition to Internet Explorer as a solution to technical problems. Related information can be found here.
Add comment