Cyber criminals are exploiting a previously unknown remote code execution vulnerability (CVE-2021-40444) in Windows 10 and many Windows Server versions that may allow a remote attacker to take control of an affected system when users open a malicious document or browse a malicious website. This vulnerability has been detected in exploits in the wild.
There is no patch available yet but Microsoft has published a work around until a patch is released. Dean Dorton encourages users and administrators to review Microsoft’s advisory and to implement the mitigations and workarounds. For a direct link to Microsoft’s Advisory, visit the link below:
|
Gui Cozzi
Cybersecurity Practice Lead