Cyber criminals are exploiting a previously unknown remote code execution vulnerability (CVE-2021-40444) in Windows 10 and many Windows Server versions that may allow a remote attacker to take control of an affected system when users open a malicious document or browse a malicious website. This vulnerability has been detected in exploits in the wild.

There is no patch available yet but Microsoft has published a work around until a patch is released.

Dean Dorton encourages users and administrators to review Microsoft’s advisory and to implement the mitigations and workarounds.

For a direct link to Microsoft’s Advisory, visit the link below:

Learn More

Gui Cozzi
Cybersecurity Practice Lead