{"id":453,"date":"2021-09-20T15:51:22","date_gmt":"2021-09-20T22:51:22","guid":{"rendered":"https:\/\/blogs.pugetsound.edu\/infosec\/?p=453"},"modified":"2021-09-22T13:57:07","modified_gmt":"2021-09-22T20:57:07","slug":"vulnerability-via-malicious-microsoft-office-documents-cve-2021-40444","status":"publish","type":"post","link":"https:\/\/blogs.pugetsound.edu\/infosec\/alerts\/453","title":{"rendered":"Vulnerability via Malicious Microsoft Office Documents &#8211; CVE 2021-40444"},"content":{"rendered":"\n<p>Microsoft reported a remote code execution vulnerability that is actively being exploited by attackers. A malicious party can craft a Microsoft Office document with an ActiveX control which, if installed, will give them access on your computer to run malicious code, exfiltrate data, or perform other actions. Examples of Microsoft Office document file extensions: .docx, .xlsx, .pptx. <\/p>\n\n\n\n<p>For more information on this vulnerability, please see <a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40444\">https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2021-40444<\/a>.<\/p>\n\n\n\n<p>To stay safe, follow these general tips:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li><strong><em>Do not <\/em><\/strong>open attachments if you do not know the sender or are not expecting the document. <\/li><li>If you are prompted to enable Macros after opening a document, <strong><em>do not<\/em><\/strong> do so. This is a common method attackers use to run malicious code via a seemingly innocuous file. <\/li><li>Beware of phishing emails. For more guidance, see more <a href=\"https:\/\/www.pugetsound.edu\/technology-services\/help-support\/email-phishing-and-spam\">info about email phishing<\/a>. <\/li><\/ul>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft reported a remote code execution vulnerability that is actively being exploited by attackers. A malicious party can craft a Microsoft Office document with an ActiveX control which, if installed, will give them access on your computer to run malicious code, exfiltrate data, or perform other actions. Examples of Microsoft Office document file extensions: .docx, [&hellip;]<\/p>\n","protected":false},"author":521,"featured_media":454,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[6],"tags":[],"class_list":["post-453","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-alerts"],"_links":{"self":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/453","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/users\/521"}],"replies":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/comments?post=453"}],"version-history":[{"count":1,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/453\/revisions"}],"predecessor-version":[{"id":455,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/posts\/453\/revisions\/455"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media\/454"}],"wp:attachment":[{"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/media?parent=453"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/categories?post=453"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blogs.pugetsound.edu\/infosec\/wp-json\/wp\/v2\/tags?post=453"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}