Microsoft Security Vulnerability – CVE-2021-40444

Microsoft Security Vulnerability

A new, unpatched and active vulnerability affecting all Windows and Office users has been disclosed by Microsoft. Please read the following closely for information on how to protect your organization:

To protect your organization please only open email attachments or any other Microsoft Word files from a known and trusted source.

Microsoft has disclosed a vulnerability of immediate concern (CVE-2021-40444) which affects Windows and all Office products.

This exploit merely requires any user on your network to:

  1. Open an Office file like a Microsoft Word document
  2. Disable the Protected View (Fig 1) by clicking “Enable Editing” (Fig 2)

Upon enabling editing, the exploit automatically downloads malicious files to allow hackers to remotely control the device.

Fig 1 Microsoft Office 2019 opens documents in Protected View

Fig 2 Vulnerable upon clicking the “Enable Editing” or similar Office button

We have applied the mitigation provided by Microsoft, but due to the severity of this vulnerability, it has not been fully patched by Microsoft yet.
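For administrators who want to apply and verify the interim workaround themselves, the following PowerShell is an added example and not part of the original notice. It assumes that the "mitigation provided by Microsoft" referred to above is the workaround Microsoft published in its CVE-2021-40444 advisory: disabling the installation of all ActiveX controls in Internet Explorer by setting the URLACTION values 1001 and 1004 to 3 (Disable) in all four security zones under the policy registry hive. The notice itself does not name the mitigation, so treat that mapping as an assumption. The function names are ours; the registry path and value names are the ones from Microsoft's advisory. Run it in an elevated PowerShell session on each Windows host; it is an interim measure only, to be kept in place until Microsoft's security update for this vulnerability is installed.

```powershell
# Added example (not from the original notice): apply and verify the ActiveX workaround
# Microsoft published for CVE-2021-40444. Setting URLACTION 1001 ("Download signed ActiveX
# controls") and 1004 ("Download unsigned ActiveX controls") to 3 = Disable in every zone
# prevents the ActiveX control used by the exploit from being installed.
# Assumption: this is the mitigation the notice refers to; the notice does not name it.

$ZonesRoot = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'

# Zone 0 = Local Machine, 1 = Local Intranet, 2 = Trusted Sites, 3 = Internet
$Zones = 0..3

# URLACTION value names and the required setting (3 = Disable)
$Values = @{ '1001' = 3; '1004' = 3 }

function Set-ActiveXDownloadWorkaround {
    # Creates the policy zone keys if absent and forces both values to 3 in each zone.
    foreach ($zone in $Zones) {
        $key = Join-Path $ZonesRoot ([string]$zone)
        if (-not (Test-Path $key)) {
            New-Item -Path $key -Force | Out-Null
        }
        foreach ($name in $Values.Keys) {
            New-ItemProperty -Path $key -Name $name -PropertyType DWord `
                -Value $Values[$name] -Force | Out-Null
        }
    }
}

function Test-ActiveXDownloadWorkaround {
    # Returns $true only when every zone carries both values set to 3.
    # Warns about each zone/value that is missing or has a different setting,
    # so the function doubles as a compliance check after a reboot or policy refresh.
    $ok = $true
    foreach ($zone in $Zones) {
        $key = Join-Path $ZonesRoot ([string]$zone)
        foreach ($name in $Values.Keys) {
            $current = (Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue).$name
            if ($current -ne $Values[$name]) {
                Write-Warning "Zone $zone : value $name is '$current', expected $($Values[$name])"
                $ok = $false
            }
        }
    }
    return $ok
}

# Apply the workaround, then verify it took effect.
Set-ActiveXDownloadWorkaround
if (Test-ActiveXDownloadWorkaround) {
    Write-Host 'CVE-2021-40444 ActiveX workaround is in place in all zones.'
} else {
    Write-Host 'Workaround is incomplete; see warnings above.'
}
```

Because the values live under the Policies hive, they override per-user Internet Options settings and survive a user changing zone settings in the Internet Explorer dialog. Test-ActiveXDownloadWorkaround can be run on its own from an inventory or monitoring script to confirm that hosts still carry the setting.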

In order to protect your organization please only open email attachments or any other Microsoft Office files from a known and trusted source.

Please share this information with your entire organization to ensure the safety of your infrastructure.

Thank you for reading closely and sharing this information broadly.