Actively exploited vulnerability

CVE-2021-40444: Microsoft MSHTML Remote Code Execution Vulnerability

Microsoft MSHTML contains a unspecified vulnerability that allows for remote code execution.

CISA KEV source 3 Nov 2021 added 17 Nov 2021 remediation due

Affected product

Microsoft ยท MSHTML

Known ransomware use: Known

Required action

Follow the source advisory and validate exposure in your environment.

Apply updates per vendor instructions.

Related Yasna coverage

Recent reporting that mentions CVE-2021-40444.