Windows 10: 0patch fix for MSHTML vulnerability (CVE-2021-40444)

The vulnerability CVE-2021-40444 in the Windows MSHTML library has been known since September 7, 2021. Attackers try to attack Windows machines via this vulnerability using manipulated Office files. There are security updates from Microsoft, but not for older Windows versions. ACROS Security provides 0patch solutions to secure Windows against the MSHTML vulnerability (CVE-2021-40444).



MSHTML vulnerability CVE-2021-40444

The MSHTML library included in Windows contains the vulnerability CVE-2021-40444, which allows remote code execution (RCE), including via manipulated Office documents. MSHTML (Trident) is the HTML rendering engine of Internet Explorer and is included in all previous versions of Windows. Some users believe that their systems are not vulnerable if Internet Explorer is not used, but mshtml.dll can be used by other programs as well. Attackers are known to have used manipulated Office documents to attack the vulnerability in the HTML rendering engine via ActiveX components that are downloaded from the attacker's websites and then installed.

However, Microsoft's advice for mitigating the vulnerability, such as blocking the ability to install ActiveX, was not enough to fend off the attacks. The protected view in Microsoft Office can also be bypassed in attacks. Microsoft had to make several improvements to the proposed workarounds, but failed to eliminate the root of the problem. I had pointed out these problems in the article "Disaster Windows MSHTML vulnerability CVE-2021-40444, hopefully a patch will come today" and in other posts (see end of article). Then, in September 2021, Microsoft addressed the vulnerability in security updates (see "Patch day recap Sept. 2021: Update on MSHTML vulnerability CVE-2021-40444").

The 0Patch solution for CVE-2021-40444

The team at ACROS Security, which has been providing the 0Patch solution for years, has analyzed the MSHTML vulnerability CVE-2021-40444 and provided a micropatch to render the vulnerability harmless. Mitja Kolsek drew attention to this free solution via Twitter.

0Patch for CVE-2021-40444

The details are described in this blog post from September 27, 2021 by 0patch. The 0patch micropatches are available for free for the following products:



  1. Windows 10 v1803 32bit or 64bit (updated with May 2021 Updates – latest before end of support)
  2. Windows 10 v1809 32bit or 64bit (updated with May 2021 Updates – latest before end of support)
  3. Windows 10 v1903 32bit or 64bit (updated with December 2020 Updates – latest before end of support)

Notes on how the 0patch agent works, which loads the micropatches into memory at the runtime of an application, can be found in the blog posts (such as here).

Similar articles
Attack via Office Documents on Microsoft MSHTML (ActiveX) RCE Vulnerability (CVE-2021-40444)
MSHTML vulnerability CVE-2021-40444 more critical than known
Disaster Windows MSHTML vulnerability CVE-2021-40444, hopefully a patch will come today
Patch day recap Sept. 2021: Update on MSHTML vulnerability CVE-2021-40444

0patch: Fix for Internet Explorer 0-day vulnerability CVE-2020-0674
0patch: Fix for Windows Installer flaw CVE-2020-0683
0patch fix for Windows GDI+ vulnerability CVE-2020-0881
0-day vulnerability in Windows Adobe Type Library
0patch fixes CVE-2020-0687 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1048 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1015 in Windows 7/Server 2008 R2
0patch for 0-day RCE vulnerability in Zoom for Windows
Windows Server 2008 R2: 0patch fixes SIGRed vulnerability
0patch fixes CVE-2020-1113 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1337 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1530 in Windows 7/Server 2008 R2
0patch fixes Zerologon (CVE-2020-1472) vulnerability in Windows Server 2008 R2
0patch fixes CVE-2020-1062 in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1300 in Windows 7/Server 2008 R2
0patch fixes 0-day vulnerability in Windows 7/Server 2008 R2
0patch fixes CVE-2020-1013 in Windows 7/Server 2008 R2
0patch fixes a Local Privilege Escalation 0-day in Sysinternals PsExec
0patch fixes Windows Installer 0-day Local Privilege Escalation vulnerability
0patch fixes 0-day in Internet Explorer
0patch fixes CVE-2021-26877 in the DNS server of Windows Server 2008 R2
0patch fixes Windows Installer LPE-Bug (CVE-2021-26415)
0Patch provides support for Windows 10 version 1809 after EOL
Windows 10 V180x: 0Patch fixes IE vulnerability CVE-2021-31959
0Patch Micropatches for PrintNightmare Vulnerability (CVE-2021-34527)
0patch fix for new Windows PrintNightmare 0-day vulnerability (Aug. 5, 2021)
0patch fix for Windows PetitPotam 0-day vulnerability (Aug. 6, 2021)
2nd 0patch fix for Windows PetitPotam 0-day vulnerability (Aug. 19, 2021)
