Attackers are exploiting CVE-2021-40444, a zero-day remote code execution vulnerability in MSHTML (the main HTML component of the Internet Explorer browser), to compromise Windows/Office users in “a limited number of targeted attacks,” Microsoft has warned on Tuesday. About CVE-2021-40444 and the attacks CVE-2021-40444 is a set of logical flaws that can be leveraged by remote, unauthenticated attackers to execute code on the target system. The current attacks were detected by Microsoft, Mandiant, and Expmon researchers. … Continue reading Attackers are exploiting zero-day RCE flaw to target Windows users (CVE-2021-40444)