Threat Actors Sharing MSHTML Zero-day Exploits
Microsoft has recently disclosed MSHTML zero-day vulnerability that allows threat actors to create malicious documents, including Office and RTF docs, to execute commands on a victim's computer remotely. The vulnerability is tracked as CVE-2021-40444 and there is no security update for it yet, despite it being actively exploited by threat actors. After the vulnerability disclosure, security researchers managed to modify the exploits and discovered a new document preview vector. However, threat actors have also been able to reproduce the exploit on their own from information, and malicious document samples posted online and have begun sharing detailed guides and information on hacking forums. Read more...