21CTO

Sep 9, 2021 · Information Security

Critical IE Zero-Day (CVE‑2021‑40444) Exploited via Malicious Office Docs – What You Need to Know

Microsoft warned on September 8 that a critical IE zero‑day (CVE‑2021‑40444) is being actively exploited through specially crafted Office documents, allowing remote code execution via ActiveX, and urged users to disable IE ActiveX controls until a patch is released.