Ryuk Ransomware Gang Exploits Microsoft MSHTML Vulnerability 

27
Ryuk Ransomware Gang Exploits Microsoft MSHTML Vulnerability

Researchers from Microsoft and RiskIQ have discovered many campaigns utilizing the freshly patched zero-day, reinforcing the need for enterprises to upgrade affected systems.

Microsoft and RiskIQ collaborated on research that demonstrated early on that Ryuk threat actors were exploiting the CVE-2021-40444 weakness. The flaw is a remote code execution (RCE) vulnerability in Windows that allows malicious Microsoft Office documents to be created.

Last week, the two companies produced separate reports detailing who has been leveraging the flaw–which can be used to disguise a malicious ActiveX control in an Office document–in attacks, as well as their possible ties to recognized criminal organizations.

To Read More: Threatpost

For more such updates follow us on Google News ITsecuritywire News