Zero-day bugs, succinctly described as “the malicious actors got here first”, occur where software manufacturers, in this case Microsoft, were “zero days” ahead of the bad guys. As it stands, there is currently no patch for this ailment. From what is currently known about the Windows Zero Day CVE-2021-40444 bug, the infiltration can occur as follows:
- A malicious Microsoft Office file is opened from the internet. This can either be delivered as an email attachment or by downloading the file from a compromised web link.
- An ActiveX control (embedded code) is included in this document. This code should not have unrestricted access to your computer.
- Once the ActiveX code has access to your device, it activates the Windows MSHTML component, which is used primarily for viewing HTML-based web pages. The ActiveX code exploits a bug in the MSHTML component, giving it the same level of control as you have to view web pages. This allows the interloper to implant the malware of their choice onto the infected device.
HTML bugs can have cascading negative repercussions once ensconced in your device. While primarily connected with web browsing, a myriad of other business applications utilise HTML to facilitate the rendering and display of web-based content. The implication of this is that CVE-2021-40444 can enable cybercriminals to probe for vulnerabilities in many aspects of your operating system’s web-rendering code.
Mitigating the Threat
Until Microsoft patch this vulnerability, there are a number of steps you can take to reduce the risk of infection to your organisation from the Windows Zero Day CVE-2021-40444:
- Avoid opening any documents that you weren’t expecting to receive.
- Avoid the temptation of breaking out of Office Protected View.
- Consider enforcing Protected View permanently for all external content. To learn more about the utility and importance of Protected View, click here.
- Disable ActiveX controls that use the MSHTML web renderer. To learn more about how to enable or disable ActiveX settings in Office files, click here.
- Thoroughly communicate best practice guidelines for web security among all staff to help adherence. As with everything related to IT security, the weakest link in the chain will always be the human element.
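One way to check the ActiveX mitigation above across a machine's security zones, as an added example that is not part of the original article. It assumes the registry policy path and the value names 1001 and 1004 from Microsoft's published workaround for CVE-2021-40444, which do not appear on this page; the function name is hypothetical and the script only reads settings.

```powershell
# Added example: read-only audit, it changes nothing on the machine.
# Assumption: policy path and value names follow Microsoft's published
# workaround for CVE-2021-40444; they are not taken from this article.
$PolicyBase = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\Internet Settings\Zones'

# String keys on purpose: integer keys on an ordered dictionary index by position.
$Zones = [ordered]@{ '0' = 'Local Machine'; '1' = 'Intranet'; '2' = 'Trusted Sites'; '3' = 'Internet' }
$Actions = [ordered]@{
    '1001' = 'Download signed ActiveX controls'
    '1004' = 'Download unsigned ActiveX controls'
}
$Disabled = 3   # URL policy value meaning "disallow"

function Get-ActiveXInstallPolicy {
    param([string]$BasePath = $PolicyBase)

    foreach ($zone in $Zones.Keys) {
        $key = Join-Path $BasePath $zone
        # A missing key means no policy is enforced for that zone.
        $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        foreach ($action in $Actions.Keys) {
            $value = if ($props) { $props.$action } else { $null }
            [pscustomobject]@{
                Zone      = "$zone ($($Zones[$zone]))"
                Action    = "$action ($($Actions[$action]))"
                Value     = $value
                # An absent value is reported as non-compliant.
                Compliant = ($value -eq $Disabled)
            }
        }
    }
}

$report = @(Get-ActiveXInstallPolicy)
$report | Format-Table -AutoSize

$gaps = @($report | Where-Object { -not $_.Compliant })
if ($gaps.Count -gt 0) {
    Write-Warning "$($gaps.Count) of $($report.Count) zone settings do not block ActiveX control installation."
}
```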
Damien Mallon, Senior Systems Engineer, Datapac