How to handle Microsoft MSHTML Remote Execution Vulnerability (Active X)

A Microsoft Office MSHTML Remote Code Execution Vulnerability also known as CVE-2021-40444 is used in the Internet Explorer web browser engine and is a component of modern Windows systems, both user and server. The engine is often used by other Microsoft office programs such as Word, Powerpoint, Excel etc to work with web related content.

Attackers exploit this vulnerability by embedding a special object in a Microsoft Office document containing an URL for a malicious script. If a user opens the document, Microsoft Office will download the malicious script from the URL and run it using the MSHTML engine. Then the script can use ActiveX controls to perform malicious actions on the victim’s computer.

This video shows you how to handle Microsoft MSHTML Remote Execution Vulnerability (Active X).

Fix it easily with GYTPOL

GYTPOL allows you to fix this issue and hundreds of other security gaps for all PCs & Servers in your network through a centralized dashboard using our Security Configuration Management platform.

It’s fast, you can automate it and we can also predict the impact before applying.

For more information and a free trial, please complete your details below.

Free Trial Request