Security
Headlines
HeadlinesLatestCVEs

Tag

#CVE-2021-40444

CVE-2021-40444 PoC - Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution)

<div class="separator" style="clear: both; text-align: center;"><a href="https://1.bp.blogspot.com/-X7RGnp89UBU/YUNCQ39MNeI/AAAAAAAAunU/ZpAc4HUyWtMEl7jz_yxyLBLvvXkpbacLwCNcBGAsYHQ/s1473/CVE-2021-40444_3_calc.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="820" data-original-width="1473" height="356" src="https://1.bp.blogspot.com/-X7RGnp89UBU/YUNCQ39MNeI/AAAAAAAAunU/ZpAc4HUyWtMEl7jz_yxyLBLvvXkpbacLwCNcBGAsYHQ/w640-h356/CVE-2021-40444_3_calc.png" width="640" /></a></div><p><br /></p><p>Malicious docx <a href="https://www.kitploit.com/search/label/Generator" target="_blank" title="generator">generator</a> to exploit CVE-2021-40444 (Microsoft Office Word <a href="https://www.kitploit.com/search/label/Remote" target="_blank" title="Remote">Remote</a> Code Execution)</p><span><a name='more'></a></span><p><br /></p><p>Creation of this Script is based on some <a href="https://www.kitploit.com/search/label/Reverse%20Engineering" target="_...

kitploit
#CVE-2021-40444#Generator#Python3#Remote#Reverse#Reverse Engineering#Windows
Microsoft Patch Tuesday, September 2021 Edition

Microsoft today pushed software updates to plug dozens of security holes in Windows and related products, including a vulnerability that is already being exploited in active attacks. Also, Apple has issued an emergency update to fix a flaw that's reportedly been abused to install spyware on iOS products, and Google's got a new version of Chrome that tackles two zero-day flaws. Finally, Adobe has released critical security updates for Acrobat, Reader and a slew of other software.

Microsoft: Attackers Exploiting Windows Zero-Day Flaw

Microsoft Corp. warned Tuesday that attackers are exploiting a previously unknown vulnerability in Windows 10 and many Windows Server versions to seize control over PCs when users open a malicious document or visit a booby-trapped website. There is currently no official patch for the flaw, but Microsoft has released recommendations for mitigating the threat.